SUSE CVE-2017-18189

In the startread function in xa.c in Sound eXchange SoX through 14.4.2, a corrupt header specifying zero channels triggers an infinite loop with a resultant NULL pointer dereference, which may allow a remote attacker to cause a denial-of-service...

Denial Of Service (DoS)

sox is vulnerable to denial of service. An infinite loop caused by a corrupt header specifying zero channels In the startread function in xa.c allows an attacker to crash the application...

Denial Of Service (DoS)

SoX is vulnerable to denial of service. An out-of-bounds read in readsamples function in xa.c:219 allows an attacker to crash the application...

SoX Buffer Overflow Vulnerability

SoX is a set of open source audio processing tools. The product supports playing, converting and recording audio in many formats. A buffer overflow vulnerability exists in the 'readsamples' function of the xa.c file in SoX 14.4.2 and earlier. The vulnerability stems from a networked system or...

CVE-2019-1010004

SoX - Sound eXchange 14.4.2 and earlier is affected by: Out-of-bounds Read. The impact is: Denial of Service. The component is: readsamples function at xa.c:219. The attack vector is: Victim must open specially crafted .xa file. NOTE: this may overlap CVE-2017-18189...

Design/Logic Flaw

SoX - Sound eXchange 14.4.2 and earlier is affected by: Out-of-bounds Read. The impact is: Denial of Service. The component is: readsamples function at xa.c:219. The attack vector is: Victim must open specially crafted .xa file. NOTE: this may overlap CVE-2017-18189...

UBUNTU-CVE-2019-1010004

SoX - Sound eXchange 14.4.2 and earlier is affected by: Out-of-bounds Read. The impact is: Denial of Service. The component is: readsamples function at xa.c:219. The attack vector is: Victim must open specially crafted .xa file. NOTE: this may overlap CVE-2017-18189...

CVE-2019-1010004

SoX - Sound eXchange 14.4.2 and earlier is affected by: Out-of-bounds Read. The impact is: Denial of Service. The component is: readsamples function at xa.c:219. The attack vector is: Victim must open specially crafted .xa file. NOTE: this may overlap CVE-2017-18189...

CVE-2019-1010004

SoX - Sound eXchange 14.4.2 and earlier is affected by: Out-of-bounds Read. The impact is: Denial of Service. The component is: readsamples function at xa.c:219. The attack vector is: Victim must open specially crafted .xa file. NOTE: this may overlap CVE-2017-18189...

openSUSE Security Update : sox (openSUSE-2018-185)

This update for sox fixes the following issues : - CVE-2017-11332: Fixed the startread function in wav.c, which allowed remote attackers to cause a DoS divide-by-zero via a crafted wav file. boo1081140 - CVE-2017-11358: Fixed the readsamples function in hcom.c, which allowed remote attackers to...