24 matches found
Linux Distros Unpatched Vulnerability : CVE-2017-18189
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the startread function in xa.c in Sound eXchange SoX through 14.4.2, a corrupt header specifying zero channels triggers an infinite loop with a resultant NUL...
Oracle Linux 7 : sox (ELSA-2019-2283)
The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2019-2283 advisory. 14.4.1-7 - Fix CVE-2017-18189 Upstream patch: https://sourceforge.net/p/sox/code/ci/09d7388c8ad5701ed9c59d1d600ff6154b066397/ Resolves: 1553590 Tenable has...
Mageia: Security Advisory (MGASA-2018-0211)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 30 : sox (2020-cb7b7181a0)
Fixes CVE-2017-18189. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. C Tenable Network Security,...
Fedora 31 : sox (2020-1dfaa1963b)
Fixes CVE-2017-18189. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. C Tenable Network Security,...
Huawei EulerOS: Security Advisory for sox (EulerOS-SA-2018-1084)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for sox (EulerOS-SA-2018-1083)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
NewStart CGSL CORE 5.05 / MAIN 5.05 : sox Vulnerability (NS-SA-2019-0251)
The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has sox packages installed that are affected by a vulnerability: - In the startread function in xa.c in Sound eXchange SoX through 14.4.2, a corrupt header specifying zero channels triggers an infinite loop with a resultant NUL...
Amazon Linux 2 : sox (ALAS-2019-1352)
A NULL pointer dereference flaw found in the way SoX handled processing of AIFF files. An attacker could potentially use this flaw to crash the SoX application by tricking it into processing crafted AIFF files.CVE-2017-18189 C Tenable Network Security, Inc. The descriptive text and package checks...
NewStart CGSL CORE 5.04 / MAIN 5.04 : sox Vulnerability (NS-SA-2019-0203)
The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has sox packages installed that are affected by a vulnerability: - In the startread function in xa.c in Sound eXchange SoX through 14.4.2, a corrupt header specifying zero channels triggers an infinite loop with a resultant NUL...
CentOS 7 : sox (CESA-2019:2283)
An update for sox is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE lin...
Scientific Linux Security Update : sox on SL7.x x86_64 (20190806)
Security Fixes : - sox: NULL pointer dereference in startread function in xa.c CVE-2017-18189 C Tenable Network Security, Inc. The descriptive text is C Scientific Linux. include'compat.inc'; if description scriptid128262; scriptversion"1.4"; scriptsetattributeattribute:"pluginmodificationdate",...
sox security update
14.4.1-7 - Fix CVE-2017-18189 Upstream patch: https://sourceforge.net/p/sox/code/ci/09d7388c8ad5701ed9c59d1d600ff6154b066397/ Resolves: 1553590...
RHEL 7 : sox (RHSA-2019:2283)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:2283 advisory. SoX Sound eXchange is a sound file format converter. SoX can convert between many different digitized sound formats and perform simple sound...
CVE-2019-1010004
SoX - Sound eXchange 14.4.2 and earlier is affected by: Out-of-bounds Read. The impact is: Denial of Service. The component is: readsamples function at xa.c:219. The attack vector is: Victim must open specially crafted .xa file. NOTE: this may overlap CVE-2017-18189...
CVE-2019-1010004
SoX - Sound eXchange 14.4.2 and earlier is affected by: Out-of-bounds Read. The impact is: Denial of Service. The component is: readsamples function at xa.c:219. The attack vector is: Victim must open specially crafted .xa file. NOTE: this may overlap CVE-2017-18189...
Debian DLA-1695-1 : sox security update
Multiple vulnerabilities have been discovered in SoX Sound eXchange, a sound processing program : CVE-2017-15370 The ImaAdpcmReadBlock function src/wav.c is affected by a heap buffer overflow. This vulnerability might be leveraged by remote attackers using a crafted WAV file to cause denial of...
[SECURITY] [DLA 1695-1] sox security update
Package : sox Version : 14.4.1-5+deb8u2 CVE ID : CVE-2017-15370 CVE-2017-15372 CVE-2017-15642 CVE-2017-18189 Debian Bug : 878808, 878810, 882144, 881121 Multiple vulnerabilities have been discovered in SoX Sound eXchange, a sound processing program: CVE-2017-15370 The ImaAdpcmReadBlock function...
Debian: Security Advisory (DLA-1695-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP1 : sox (EulerOS-SA-2018-1083)
According to the versions of the sox package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - SoX Sound eXchange is a sound file format converter SoX can convert between many different digitized sound formats and perform simple sound...