New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
speexenc stack buffer overflow #14
Comments
|
Looks like this may also affect CELT as it has a very similarly named |
|
It was assigned as CVE-2020-23904 |
How exactly are you running the command-line? This sample gets rejected for me with: |
|
Any news on this issue? It was assigned a CVE number 2 months ago and it seems nobody has been able to reproduce it. Would it make sense to dispute it? |
|
I'm going to close this since as mentioned in #14 (comment) I cannot reproduce it. |
I have found a stack buffer overflow vulnerability in speexenc,this may cause a rce by open a crafted wav file
sample2.zip
the vulnerability function:
speexenc.c:122
} else {
nb_read = fread(in,1,to_read,fin);
The text was updated successfully, but these errors were encountered: