SoX .WAV File Processing Multiple Field Overflow

2004-07-29T08:02:16
ID OSVDB:8267
Type osvdb
Reporter Angelo Rosiello(angelo@rosiello.org)
Modified 2004-07-29T08:02:16

Description

Vulnerability Description

SoX contains a flaw that may allow a malicious user to execute arbitrary code on a remote system. The issue is triggered when a user executes a specially crafted .wav file created by a malicious user which will overflow a buffer in the st_wavstartread() function of wav.c. It is possible that the flaw may allow remote code execution on the local system resulting in a loss of confidentiality and integrity.

Solution Description

Upgrade to version 12.17.5 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Short Description

SoX contains a flaw that may allow a malicious user to execute arbitrary code on a remote system. The issue is triggered when a user executes a specially crafted .wav file created by a malicious user which will overflow a buffer in the st_wavstartread() function of wav.c. It is possible that the flaw may allow remote code execution on the local system resulting in a loss of confidentiality and integrity.

References:

Vendor URL: http://sox.sourceforge.net/ Vendor Specific Advisory URL Vendor Specific Advisory URL Vendor Specific Advisory URL Vendor Specific Advisory URL Secunia Advisory ID:12819 Secunia Advisory ID:12175 Secunia Advisory ID:12268 Secunia Advisory ID:12176 RedHat RHSA: RHSA-2004:409-05 Other Advisory URL: http://www.debian.org/security/2004/dsa-565 Other Advisory URL: http://www.securiteam.com/unixfocus/6S00B0UBGG.html Nessus Plugin ID:14383 Nessus Plugin ID:13851 Nessus Plugin ID:14174 Nessus Plugin ID:13850 Nessus Plugin ID:13853 Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2004-07/0359.html ISS X-Force ID: 16827 CVE-2004-0557 Bugtraq ID: 10819