8 matches found
Updated sox packages fix security vulnerability
CVE-2019-13590: sox-fmt validation CVE-2021-3643 and CVE-2021-23210: voc validation CVE-2021-23159 and CVE-2021-23172: hcom validation CVE-2021-33844: wav validation CVE-2021-40426: sphere validation CVE-2022-31650: aiff validation CVE-2022-31651: reject implausible rate...
MGASA-2023-0059 Updated sox packages fix security vulnerability
CVE-2019-13590: sox-fmt validation CVE-2021-3643 and CVE-2021-23210: voc validation CVE-2021-23159 and CVE-2021-23172: hcom validation CVE-2021-33844: wav validation CVE-2021-40426: sphere validation CVE-2022-31650: aiff validation CVE-2022-31651: reject implausible rate...
MGASA-2020-0045 Updated sox packages fix security vulnerabilities
Updated sox packages fix security vulnerabilities: It was discovered that SoX incorrectly handled certain MP3 files. An attacker could possibly use this issue to cause a denial of service. CVE-2019-8354, CVE-2019-8355, CVE-2019-8356, CVE-2019-8357...
MGASA-2018-0211 Updated sox packages fix security vulnerabilities
This update for sox fixes the following security issues: CVE-2017-11332: Fixed the startread function in wav.c, which allowed remote attackers to cause a DoS divide-by-zero via a crafted wav file. CVE-2017-11358: Fixed the readsamples function in hcom.c, which allowed remote attackers to cause a...
MGASA-2014-0561 Updated sox packages fix CVE-2014-8145
Updated sox packages fix security vulnerability: The sox command line tool is affected by two heap-based buffer overflows, respectively located in functions startread and AdpcmReadBlock. A specially crafted wav file can be used to trigger the vulnerabilities CVE-2014-8145...
Updated sox packages fix CVE-2014-8145
Updated sox packages fix security vulnerability: The sox command line tool is affected by two heap-based buffer overflows, respectively located in functions startread and AdpcmReadBlock. A specially crafted wav file can be used to trigger the vulnerabilities CVE-2014-8145...
[slackware-security] sox
New sox packages are available for Slackware 8.1, 9.0, 9.1, 10.0, and -current to fix buffer overflow security issues that could allow a malicious WAV file to execute arbitrary code. Here are the details from the Slackware 10.0 ChangeLog: Sat Aug 7 17:17:20 AKDT 2004...
Fedora Core 1 : sox-12.17.4-4.fc1 (2004-235)
Updated sox packages that fix buffer overflows in the WAV file handling code are now available. Buffer overflows existed in the parsing of WAV file header fields. It was possible that a malicious WAV file could have caused arbitrary code to be executed when the file was played or converted. Note...