160 matches found
Astra Linux - уязвимость в sox
There is a heap-based buffer overflow vulnerability in the sphere.c startread function of the Sound Exchange libsox 14.4.2 version and the main commit 42b3557e. A specially crafted file can lead to a heap buffer overflow. An attacker can provide a malicious file to exploit this vulnerability...
Astra Linux - уязвимость в sox
In SoX 14.4.2, there is an assertion failure in rateinit in rate.c in libsox.a...
Astra Linux - уязвимость в sox
In SoX 14.4.2, there is a floating-point exception in lsxaiffstartwrite in the aiff.c file of libsox.a...
EUVD-2017-6826
Malware in sbrugna...
EUVD-2017-9324
Malware in sbrugna...
EUVD-2017-6825
Malware in sbrugna...
EUVD-2017-6824
Malware in sbrugna...
EUVD-2021-27603
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2017-15372
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - There is a stack-based buffer overflow in the lsxmsadpcmblockexpandi function of adpcm.c in Sound eXchange SoX 14.4.2. A Crafted input will lead to a denial of...
Linux Distros Unpatched Vulnerability : CVE-2017-15642
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In lsxaiffstartread in aiff.c in Sound eXchange SoX 14.4.2, there is a Use-After-Free vulnerability triggered by supplying a malformed AIFF file. CVE-2017-15642...
Linux Distros Unpatched Vulnerability : CVE-2014-8145
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple heap-based buffer overflows in Sound eXchange SoX 14.4.1 and earlier allow remote attackers to have unspecified impact via a crafted WAV file to the 1...
Azure Linux 3.0 Security Update: sox (CVE-2017-15371)
The version of sox installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2017-15371 advisory. - There is a reachable assertion abort in the function soxappendcomment in formats.c in Sound eXchange SoX 14.4.2...
There is a heap-based buffer overflow in the ImaExpandS function of ima_rw.c in Sound eXchange (SoX) 14.4.2. A Crafted input will lead to a denial of service attack during conversion of an audio file.
...
RHEL 5 : sox (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - sox: two heap out-of-bounds access issues oCERT-2014-010 CVE-2014-8145 - sox: Use-after-free in...
RHEL 7 : sox (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - sox: buffer overflow read vulnerability CVE-2021-3643 - sox: heap-based buffer overflow vulnerability...
Oracle Linux 7 : sox (ELSA-2019-2283)
The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2019-2283 advisory. 14.4.1-7 - Fix CVE-2017-18189 Upstream patch: https://sourceforge.net/p/sox/code/ci/09d7388c8ad5701ed9c59d1d600ff6154b066397/ Resolves: 1553590 Tenable has...
USN-6345-1 sox vulnerability
It was discovered that SoX incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, an attacker could possibly use this issue to cause a denial of service...
SUSE CVE-2004-0557
Multiple buffer overflows in the stwavstartread function in wav.c for Sound eXchange SoX 12.17.2 through 12.17.4 allow remote attackers to execute arbitrary code via certain WAV file header fields...
SUSE CVE-2014-8145
Multiple heap-based buffer overflows in Sound eXchange SoX 14.4.1 and earlier allow remote attackers to have unspecified impact via a crafted WAV file to the 1 startread or 2 AdpcmReadBlock function...
SUSE CVE-2017-11332
The startread function in wav.c in Sound eXchange SoX 14.4.2 allows remote attackers to cause a denial of service divide-by-zero error and application crash via a crafted wav file...