CVE-2008-1686 - Sentential Vectors


Array index vulnerability in Speex 1.1.12 and earlier as used in libfishsound 0.9.0 and earlier including Illiminable DirectShow Filters and Annodex Plugins for Firefox xine-lib before 1.1.12 and many other products allows remote attackers to execute arbitrary code via a header structure containing a negative offset which is used to dereference a function pointer.