xiph/speex
Releases92
Frequency2 months 2 weeks
Last Release
Stars505
Speex voice codec mirror - THIS IS A MIRROR, DEVELOPMENT HAPPENS AT https://gitlab.xiph.org/xiph/speex
CVE History
| CVE | Affected | Published | CVSS v3 | CVSS v2 |
|---|---|---|---|---|
| = 1.2 | 5.5 MEDIUM | 4.3 MEDIUM | ||
A Divide by Zero vulnerability in the function static int read_samples of Speex v1.2 allows attackers to cause a denial of service (DoS) via a crafted WAV file. | ||||
| = 1.2 | 5.5 MEDIUM | 4.3 MEDIUM | ||
A stack buffer overflow in speexenc.c of Speex v1.2 allows attackers to cause a denial of service (DoS) via a crafted WAV file. NOTE: the vendor states "I cannot reproduce it" and it "is a demo program. | ||||
| <= 1.1.12, = 1.0.2, = 1.0.3, = 1.0.4, = 1.0.5, = 1.1.1, = 1.1.2, = 1.1.3, = 1.1.4, = 1.1.5, = 1.1.6, = 1.1.7, = 1.1.8, = 1.1.9, = 1.1.10, = 1.1.11, = 1.1.11.1 | — | 9.3 HIGH | ||
Array index vulnerability in Speex 1.1.12 and earlier, as used in libfishsound 0.9.0 and earlier, including Illiminable DirectShow Filters and Annodex Plugins for Firefox, xine-lib before 1.1.12, and many other products, allows remote attackers to execute arbitrary code via a header structure containing a negative offset, which is used to dereference a function pointer. | ||||