CVE-2008-1686

🗓️ 08 Apr 2008 18:05:00Reported by [email protected]Type

Array index vulnerability in Speex allows remote code executio

Reporter	Title	Published	Views	Family All 124
FreeBSD	vorbis-tools -- Speex header processing vulnerability	18 Apr 200800:00	–	freebsd
FreeBSD	libxine -- array index vulnerability	6 Apr 200800:00	–	freebsd
BDU FSTEC	Vulnerabilities in the Debian GNU/Linux operating system that allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information	28 Apr 201500:00	–	bdu_fstec
BDU FSTEC	Vulnerabilities in the Debian GNU/Linux operating system that allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information	28 Apr 201500:00	–	bdu_fstec
BDU FSTEC	The vulnerability of the Red Hat Enterprise Linux operating system allows a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information.	28 Apr 201500:00	–	bdu_fstec
BDU FSTEC	The vulnerability of the Red Hat Enterprise Linux operating system allows a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information.	28 Apr 201500:00	–	bdu_fstec
BDU FSTEC	The vulnerability of the Red Hat Enterprise Linux operating system allows a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information.	28 Apr 201500:00	–	bdu_fstec
BDU FSTEC	The vulnerability of the Red Hat Enterprise Linux operating system allows a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information.	28 Apr 201500:00	–	bdu_fstec
Tenable Nessus	CentOS 4 / 5 : speex (CESA-2008:0235)	22 Apr 200800:00	–	nessus
Tenable Nessus	Debian DSA-1584-1 : libfishsound - buffer overflow	22 May 200800:00	–	nessus

NVD

Node

xine xine-libRange≤1.1.11.1

xine xine-libMatch0.9.8

xine xine-libMatch0.9.13

xine xine-libMatch0.99

xine xine-libMatch1.0

xine xine-libMatch1.0.1

xine xine-libMatch1.0.2

xine xine-libMatch1.0.3a

xine xine-libMatch1.1.0

xine xine-libMatch1.1.1

xine xine-libMatch1.1.10

xine xine-libMatch1.1.10.1

xine xine-libMatch1.1.11

Node

xiph speexRange≤1.1.12

xiph speexMatch1.0.2

xiph speexMatch1.0.3

xiph speexMatch1.0.4

xiph speexMatch1.0.5

xiph speexMatch1.1.1

xiph speexMatch1.1.2

xiph speexMatch1.1.3

xiph speexMatch1.1.4

xiph speexMatch1.1.5

xiph speexMatch1.1.6

xiph speexMatch1.1.7

xiph speexMatch1.1.8

xiph speexMatch1.1.9

xiph speexMatch1.1.10

xiph speexMatch1.1.11

xiph speexMatch1.1.11.1

AND

xiph libfishsoundRange≤0.9.0

xiph libfishsoundMatch0.5.41

xiph libfishsoundMatch0.5.42

xiph libfishsoundMatch0.6.0

xiph libfishsoundMatch0.6.1

xiph libfishsoundMatch0.6.2

xiph libfishsoundMatch0.6.3

xiph libfishsoundMatch0.7.0

xiph libfishsoundMatch0.8.0

xiph libfishsoundMatch0.8.1

Source	Link
vupen	www.vupen.com/english/advisories/2008/1268/references
lists	www.lists.xiph.org/pipermail/speex-dev/2008-April/006636.html
security	www.security.gentoo.org/glsa/glsa-200804-17.xml
lists	www.lists.opensuse.org/opensuse-security-announce/2008-06/msg00001.html
secunia	www.secunia.com/advisories/30104
secunia	www.secunia.com/advisories/30358
redhat	www.redhat.com/support/errata/RHSA-2008-0235.html
secunia	www.secunia.com/advisories/30337
secunia	www.secunia.com/advisories/30717
secunia	www.secunia.com/advisories/29845

23 Apr 2026 00:35Current

7.4High risk

Vulners AI Score7.4

CVSS 29.3

EPSS0.05935

CWE-189