Astra Linux - уязвимость в sox

There is a heap-based buffer overflow vulnerability in the sphere.c startread function of the Sound Exchange libsox 14.4.2 version and the main commit 42b3557e. A specially crafted file can lead to a heap buffer overflow. An attacker can provide a malicious file to exploit this vulnerability...

Astra Linux - уязвимость в sox

In SoX 14.4.2, there is an assertion failure in rateinit in rate.c in libsox.a...

Astra Linux - уязвимость в sox

In SoX 14.4.2, there is a floating-point exception in lsxaiffstartwrite in the aiff.c file of libsox.a...

EUVD-2017-9324

Malware in sbrugna...

EUVD-2017-6826

Malware in sbrugna...

EUVD-2017-6825

Malware in sbrugna...

EUVD-2017-6824

Malware in sbrugna...

EUVD-2021-27603

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2017-15372

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - There is a stack-based buffer overflow in the lsxmsadpcmblockexpandi function of adpcm.c in Sound eXchange SoX 14.4.2. A Crafted input will lead to a denial of...

Linux Distros Unpatched Vulnerability : CVE-2014-8145

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple heap-based buffer overflows in Sound eXchange SoX 14.4.1 and earlier allow remote attackers to have unspecified impact via a crafted WAV file to the 1...

Linux Distros Unpatched Vulnerability : CVE-2017-15642

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In lsxaiffstartread in aiff.c in Sound eXchange SoX 14.4.2, there is a Use-After-Free vulnerability triggered by supplying a malformed AIFF file. CVE-2017-15642...

Azure Linux 3.0 Security Update: sox (CVE-2017-15371)

The version of sox installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2017-15371 advisory. - There is a reachable assertion abort in the function soxappendcomment in formats.c in Sound eXchange SoX 14.4.2...

There is a heap-based buffer overflow in the ImaExpandS function of ima_rw.c in Sound eXchange (SoX) 14.4.2. A Crafted input will lead to a denial of service attack during conversion of an audio file.

...

RHEL 5 : sox (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - sox: two heap out-of-bounds access issues oCERT-2014-010 CVE-2014-8145 - sox: Use-after-free in...

RHEL 7 : sox (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - sox: buffer overflow read vulnerability CVE-2021-3643 - sox: heap-based buffer overflow vulnerability...

The vulnerability of the read_samples() function in the Sound eXchange (SoX) audio processing software allows a hacker to cause a service failure.

The vulnerability of the readsamples function in the Sound eXchange SoX sound processing software is related to incorrect numerical calculations when processing values with a comma. Exploiting this vulnerability could allow an attacker to cause a service failure...

Oracle Linux 7 : sox (ELSA-2019-2283)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2019-2283 advisory. 14.4.1-7 - Fix CVE-2017-18189 Upstream patch: https://sourceforge.net/p/sox/code/ci/09d7388c8ad5701ed9c59d1d600ff6154b066397/ Resolves: 1553590 Tenable has...

USN-6345-1 sox vulnerability

It was discovered that SoX incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, an attacker could possibly use this issue to cause a denial of service...

The vulnerability of the rate_init function in the rate.c component of the Sound eXchange audio editor allows a hacker to cause a service failure.

The vulnerability of the rateinit function in the rate.c component of the Sound eXchange audio editor is related to the insufficient use of the assert function. Exploiting this vulnerability could allow a malicious actor to cause service failure...

SUSE CVE-2004-0557

Multiple buffer overflows in the stwavstartread function in wav.c for Sound eXchange SoX 12.17.2 through 12.17.4 allow remote attackers to execute arbitrary code via certain WAV file header fields...