Azure Linux 3.0 Security Update: sox (CVE-2017-15370)

The version of sox installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2017-15370 advisory. - There is a heap-based buffer overflow in the ImaExpandS function of imarw.c in Sound eXchange SoX 14.4.2. A...

CVE-2017-15370 affecting package sox for versions less than 14.4.2.0-33

CVE-2017-15370 affecting package sox for versions less than 14.4.2.0-33. A patched version of the package is available...

CBL Mariner 2.0 Security Update: sox (CVE-2017-15370)

The version of sox installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2017-15370 advisory. - There is a heap-based buffer overflow in the ImaExpandS function of imarw.c in Sound eXchange SoX 14.4.2. A...

RHEL 5 : sox (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - sox: buffer overflow read vulnerability CVE-2021-3643 - The startread function in wav.c in Sound eXchange...

CVE-2017-15370 affecting package sox for versions less than 14.4.2.0-33

CVE-2017-15370 affecting package sox for versions less than 14.4.2.0-33. A patched version of the package is available...

Mageia: Security Advisory (MGASA-2018-0105)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for sox (EulerOS-SA-2021-1850)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for sox (EulerOS-SA-2021-1231)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP5 : sox (EulerOS-SA-2021-1231)

According to the versions of the sox package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - SoX Sound eXchange is a sound file format converter SoX can convert between many different digitized sound formats and perform simple sound...

Debian DLA-1695-1 : sox security update

Multiple vulnerabilities have been discovered in SoX Sound eXchange, a sound processing program : CVE-2017-15370 The ImaAdpcmReadBlock function src/wav.c is affected by a heap buffer overflow. This vulnerability might be leveraged by remote attackers using a crafted WAV file to cause denial of...

[SECURITY] [DLA 1695-1] sox security update

Package : sox Version : 14.4.1-5+deb8u2 CVE ID : CVE-2017-15370 CVE-2017-15372 CVE-2017-15642 CVE-2017-18189 Debian Bug : 878808, 878810, 882144, 881121 Multiple vulnerabilities have been discovered in SoX Sound eXchange, a sound processing program: CVE-2017-15370 The ImaAdpcmReadBlock function...

Debian: Security Advisory (DLA-1695-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora Update for sox FEDORA-2018-f7a1334c68

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE Security Update : sox (openSUSE-2018-185)

This update for sox fixes the following issues : - CVE-2017-11332: Fixed the startread function in wav.c, which allowed remote attackers to cause a DoS divide-by-zero via a crafted wav file. boo1081140 - CVE-2017-11358: Fixed the readsamples function in hcom.c, which allowed remote attackers to...

Updated sox packages fix security vulnerability

There is a heap-based buffer overflow in the ImaExpandS function of imarw.c in Sound eXchange SoX 14.4.2. A Crafted input will lead to a denial of service attack during conversion of an audio file CVE-2017-15370. There is a reachable assertion abort in the function soxappendcomment in formats.c i...

Fedora 26 : sox (2018-b26768593c)

Security fix for CVE-2017-15370 and CVE-2017-15371 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...

Fedora 27 : sox (2018-b528f28c59)

Security fix for CVE-2017-15370 and CVE-2017-15371 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...

Fedora Update for sox FEDORA-2018-b26768593c

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DLA 1197-1] sox security update

Package : sox Version : 14.4.0-3+deb7u2 CVE ID : CVE-2017-11332 CVE-2017-11358 CVE-2017-11359 CVE-2017-15370 CVE-2017-15371 CVE-2017-15372 CVE-2017-15642 Debian Bug : 870328 878810 878809 878808 882236 882144 Various security vulnerabilities were discovered in sox, a command line utility to conve...

CVE-2017-15370

There is a heap-based buffer overflow in the ImaExpandS function of imarw.c in Sound eXchange SoX 14.4.2. A Crafted input will lead to a denial of service attack during conversion of an audio file...