VYPR
Unrated severityNVD Advisory· Published Apr 8, 2008· Updated Jun 16, 2026

CVE-2008-1686

CVE-2008-1686

Description

Array index vulnerability in Speex 1.1.12 and earlier, as used in libfishsound 0.9.0 and earlier, including Illiminable DirectShow Filters and Annodex Plugins for Firefox, xine-lib before 1.1.12, and many other products, allows remote attackers to execute arbitrary code via a header structure containing a negative offset, which is used to dereference a function pointer.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

45
  • Xine/Xine Lib14 versions
    cpe:2.3:a:xine:xine-lib:*:*:*:*:*:*:*:*+ 13 more
    • cpe:2.3:a:xine:xine-lib:*:*:*:*:*:*:*:*range: <=1.1.11.1
    • cpe:2.3:a:xine:xine-lib:0.9.13:*:*:*:*:*:*:*
    • cpe:2.3:a:xine:xine-lib:0.9.8:*:*:*:*:*:*:*
    • cpe:2.3:a:xine:xine-lib:0.99:*:*:*:*:*:*:*
    • cpe:2.3:a:xine:xine-lib:1.0:*:*:*:*:*:*:*
    • cpe:2.3:a:xine:xine-lib:1.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:xine:xine-lib:1.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:xine:xine-lib:1.0.3a:*:*:*:*:*:*:*
    • cpe:2.3:a:xine:xine-lib:1.1.0:*:*:*:*:*:*:*
    • cpe:2.3:a:xine:xine-lib:1.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:xine:xine-lib:1.1.10:*:*:*:*:*:*:*
    • cpe:2.3:a:xine:xine-lib:1.1.10.1:*:*:*:*:*:*:*
    • cpe:2.3:a:xine:xine-lib:1.1.11:*:*:*:*:*:*:*
    • (no CPE)range: <1.1.12
  • cpe:2.3:a:xiph:libfishsound:*:*:*:*:*:*:*:*+ 10 more
    • cpe:2.3:a:xiph:libfishsound:*:*:*:*:*:*:*:*range: <=0.9.0
    • cpe:2.3:a:xiph:libfishsound:0.5.41:*:*:*:*:*:*:*
    • cpe:2.3:a:xiph:libfishsound:0.5.42:*:*:*:*:*:*:*
    • cpe:2.3:a:xiph:libfishsound:0.6.0:*:*:*:*:*:*:*
    • cpe:2.3:a:xiph:libfishsound:0.6.1:*:*:*:*:*:*:*
    • cpe:2.3:a:xiph:libfishsound:0.6.2:*:*:*:*:*:*:*
    • cpe:2.3:a:xiph:libfishsound:0.6.3:*:*:*:*:*:*:*
    • cpe:2.3:a:xiph:libfishsound:0.7.0:*:*:*:*:*:*:*
    • cpe:2.3:a:xiph:libfishsound:0.8.0:*:*:*:*:*:*:*
    • cpe:2.3:a:xiph:libfishsound:0.8.1:*:*:*:*:*:*:*
    • (no CPE)range: <=0.9.0
  • Xiph.Org/Speex17 versions
    cpe:2.3:a:xiph:speex:*:*:*:*:*:*:*:*+ 16 more
    • cpe:2.3:a:xiph:speex:*:*:*:*:*:*:*:*range: <=1.1.12
    • cpe:2.3:a:xiph:speex:1.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:xiph:speex:1.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:xiph:speex:1.0.4:*:*:*:*:*:*:*
    • cpe:2.3:a:xiph:speex:1.0.5:*:*:*:*:*:*:*
    • cpe:2.3:a:xiph:speex:1.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:xiph:speex:1.1.10:*:*:*:*:*:*:*
    • cpe:2.3:a:xiph:speex:1.1.11:*:*:*:*:*:*:*
    • cpe:2.3:a:xiph:speex:1.1.11.1:*:*:*:*:*:*:*
    • cpe:2.3:a:xiph:speex:1.1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:xiph:speex:1.1.3:*:*:*:*:*:*:*
    • cpe:2.3:a:xiph:speex:1.1.4:*:*:*:*:*:*:*
    • cpe:2.3:a:xiph:speex:1.1.5:*:*:*:*:*:*:*
    • cpe:2.3:a:xiph:speex:1.1.6:*:*:*:*:*:*:*
    • cpe:2.3:a:xiph:speex:1.1.7:*:*:*:*:*:*:*
    • cpe:2.3:a:xiph:speex:1.1.8:*:*:*:*:*:*:*
    • cpe:2.3:a:xiph:speex:1.1.9:*:*:*:*:*:*:*
  • Speex/Speexllm-fuzzy
    Range: <=1.1.12
  • osv-coords2 versions
    < 1.18.5-2.1+ 1 more
    • (no CPE)range: < 1.18.5-2.1
    • (no CPE)range: < 1.4.2-1.6

Patches

Vulnerability mechanics

References

58

News mentions

0

No linked articles in our index yet.