sox -- input sanitization errors

2014-11-20T00:00:00
ID 92CDA470-30CB-11E5-A4A5-002590263BF5
Type freebsd
Reporter FreeBSD
Modified 2014-11-20T00:00:00

Description

oCERT reports:

The sox command line tool is affected by two heap-based buffer overflows, respectively located in functions start_read() and AdpcmReadBlock(). A specially crafted wav file can be used to trigger the vulnerabilities.