CVE-2004-0557

🗓️ 02 Aug 2004 04:00:00Reported by mitreType

Multiple buffer overflows in st_wavstartread function in SoX 12.17.2 through 12.17.4 allow remote code execution via WAV file header fields

Reporter	Title	Published	Views	Family All 36
0day.today	SoX Local Buffer Overflow Exploiter (Via Crafted WAV File)	4 Aug 200400:00	–	zdt
FreeBSD	SoX buffer overflows when handling .WAV files	28 Jul 200400:00	–	freebsd
CVE	CAN-2004-0557	23 Feb 202418:52	–	cve
Cvelist	CVE-2004-0557	2 Aug 200404:00	–	cvelist
Debian	[SECURITY] [DSA 565-1] New sox packages fix buffer overflow	13 Oct 200413:34	–	debian
Debian	[SECURITY] [DSA 565-1] New sox packages fix buffer overflow	13 Oct 200413:34	–	debian
Debian CVE	CVE-2004-0557	2 Aug 200404:00	–	debiancve
Tenable Nessus	Debian DSA-565-1 : sox - buffer overflow	10 Nov 200400:00	–	nessus
Tenable Nessus	Fedora Core 1 : sox-12.17.4-4.fc1 (2004-235)	28 Jul 200400:00	–	nessus
Tenable Nessus	Fedora Core 2 : sox-12.17.4-4.fc2 (2004-244)	28 Jul 200400:00	–	nessus

NVD

Node

sox soxMatch12.17.2

sox soxMatch12.17.3

sox soxMatch12.17.4

Node

redhat enterprise_linuxMatch3.0advanced_servers

redhat enterprise_linuxMatch3.0enterprise_server

Source	Link
oval	www.oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9801
debian	www.debian.org/security/2004/dsa-565
lwn	www.lwn.net/Articles/95529/
redhat	www.redhat.com/support/errata/RHSA-2004-409.html
secunia	www.secunia.com/advisories/12175
archives	www.archives.neohapsis.com/archives/vulnwatch/2004-q3/0014.html
bugzilla	www.bugzilla.fedora.us/show_bug.cgi
mandriva	www.mandriva.com/security/advisories
distro	www.distro.conectiva.com.br/atualizacoes/
seclists	www.seclists.org/fulldisclosure/2004/Jul/1227.html

16 Apr 2026 00:27Current

7.5High risk

Vulners AI Score7.5

CVSS 210

EPSS0.48546