Lucene search
K

4 matches found

Positive Technologies
Positive Technologies
added 2022/04/14 12:0 a.m.4 views

PT-2022-6475 · Sox +4 · Sox +4

Name of the Vulnerable Software and Affected Versions: SoX versions 14.4.2 and earlier Description: The issue is related to a heap-based buffer overflow in the start read function of the Sound Exchange libsox. This can be triggered by a specially-crafted file, potentially allowing a remote attack...

10CVSS6AI score0.07401EPSS
Exploits19References114
OSV
OSV
added 2019/07/15 2:15 a.m.5 views

AZL-45171 CVE-2019-1010004 affecting package sox 14.4.2.0-34

SoX - Sound eXchange 14.4.2 and earlier is affected by: Out-of-bounds Read. The impact is: Denial of Service. The component is: readsamples function at xa.c:219. The attack vector is: Victim must open specially crafted .xa file. NOTE: this may overlap CVE-2017-18189...

5.5CVSS6.4AI score0.01263EPSS
Exploits1References1
OSV
OSV
added 2019/02/15 11:29 p.m.5 views

CVE-2019-8354

An issue was discovered in SoX 14.4.2. lsxmakelpf in effectidsp.c has an integer overflow on the result of multiplication fed into malloc. When the buffer is allocated, it is smaller than expected, leading to a heap-based buffer overflow...

5CVSS5.2AI score
Exploits0References4
Positive Technologies
Positive Technologies
added 2019/02/15 12:0 a.m.5 views

PT-2019-2906 · Sox +2 · Sox +2

Name of the Vulnerable Software and Affected Versions: SoX version 14.4.2 Description: A problem was discovered in the lsx make lpf function in effect i dsp.c, which allows a NULL pointer dereference. This issue can be exploited by a remote attacker to cause a denial of service. Recommendations:...

10CVSS6.3AI score0.07401EPSS
Exploits16References75
Rows per page
Query Builder