SoX buffer overflows when handling .WAV files

ID 3E4FFE76-E0D4-11D8-9B0A-000347A4FA7D
Type freebsd
Reporter FreeBSD
Modified 2004-07-28T00:00:00


Ulf Härnhammar discovered a pair of buffer overflows in the WAV file handling code of SoX. If an attacker can cause a victim to process a specially crafted WAV file with SoX (e.g. through social engineering or through some other program that relies on SoX), arbitrary code can be executed with the privileges of the victim.