Lucene search
Gentoo FoundationMGASA-2018-0105HistoryFeb 02, 2018 - 3:33 p.m.
Updated sox packages fix security vulnerability
2018-02-0215:33:47
Gentoo Foundation
advisories.mageia.org
11
0.001 Low
EPSS
Percentile
50.7%
There is a heap-based buffer overflow in the ImaExpandS function of ima_rw.c in Sound eXchange (SoX) 14.4.2. A Crafted input will lead to a denial of service attack during conversion of an audio file (CVE-2017-15370). There is a reachable assertion abort in the function sox_append_comment() in formats.c in Sound eXchange (SoX) 14.4.2. A Crafted input will lead to a denial of service attack during conversion of an audio file (CVE-2017-15371).
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Mageia | 5 | noarch | sox | <Â 14.4.1-6.1 | sox-14.4.1-6.1.mga5 |
| Mageia | 6 | noarch | sox | <Â 14.4.2-7.1 | sox-14.4.2-7.1.mga6 |
Related
openvas
openvas
Fedora Update for sox FEDORA-2018-b26768593c
2018-01-24 00:00:00
Fedora Update for sox FEDORA-2018-b528f28c59
2018-01-24 00:00:00
Mageia: Security Advisory (MGASA-2018-0105)
2022-01-28 00:00:00
nessus
nessus
Fedora 26 : sox (2018-b26768593c)
2018-01-24 00:00:00
Fedora 27 : sox (2018-b528f28c59)
2018-01-24 00:00:00
EulerOS 2.0 SP5 : sox (EulerOS-SA-2021-1231)
2021-02-04 00:00:00
fedora
fedora
[SECURITY] Fedora 26 Update: sox-14.4.2.0-14.fc26
2018-01-23 21:21:31
[SECURITY] Fedora 27 Update: sox-14.4.2.0-14.fc27
2018-01-23 21:51:11
[SECURITY] Fedora 27 Update: sox-14.4.2.0-22.fc27
2018-08-14 20:19:43
cve
cve
CVE-2017-15370
2017-10-16 04:29:00
CVE-2017-15371
2017-10-16 04:29:00
veracode
veracode
Denial Of Service (DoS)
2020-12-06 03:21:50
Denial Of Service (DoS)
2020-12-06 03:21:55
ubuntucve
ubuntucve
CVE-2017-15371
2017-10-16 00:00:00
CVE-2017-15370
2017-10-16 00:00:00
cvelist
cvelist
CVE-2017-15371
2017-10-16 04:00:00
CVE-2017-15370
2017-10-16 04:00:00
redhatcve
redhatcve
CVE-2017-15370
2017-11-08 13:20:54
CVE-2017-15371
2017-11-08 13:21:07
debiancve
debiancve
CVE-2017-15370
2017-10-16 04:29:00
CVE-2017-15371
2017-10-16 04:29:00
alpinelinux
alpinelinux
CVE-2017-15370
2017-10-16 04:29:00
prion
prion
Authentication flaw
2017-10-16 04:29:00
Heap overflow
2017-10-16 04:29:00
gentoo
gentoo
SoX: Multiple vulnerabilities
2018-10-06 00:00:00
debian
debian
[SECURITY] [DLA 1197-1] sox security update
2017-11-30 23:02:40
[SECURITY] [DLA 1705-1] sox security update
2019-03-05 17:59:15
[SECURITY] [DLA 1695-1] sox security update
2019-02-28 13:18:01
osv
osv
sox - security update
2017-11-30 00:00:00
sox - security update
2019-03-05 00:00:00
sox - security update
2019-02-28 00:00:00