Lucene search
Veracode Vulnerability DatabaseVERACODE:28493HistoryDec 06, 2020 - 4:49 a.m.
Denial Of Service (DoS)
2020-12-0604:49:39
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
8
0.01 Low
EPSS
Percentile
83.8%
sox is vulnerable to denial of service. An infinite loop caused by a corrupt header specifying zero channels In the startread function in xa.c allows an attacker to crash the application.
| CPE | Name | Operator | Version |
|---|---|---|---|
| sox:bullseye | eq | 14.4.2+git20190427-2 | |
| sox:buster | eq | 14.4.2+git20190427-1 | |
| sox:sid | eq | 14.4.2+git20190427-2 |
References
access.redhat.com/errata/RHSA-2019:2283
bugs.debian.org/cgi-bin/bugreport.cgi?bug=881121
lists.debian.org/debian-lts-announce/2019/02/msg00042.html
lists.fedoraproject.org/archives/list/[email protected]/message/62RARFRXGKPNNFFNVDV7DHJSOKAIZ3CX/
lists.fedoraproject.org/archives/list/[email protected]/message/EUKFZQSZG2ABMTAMOGBMY7MJNSGEIYTL/
public-inbox.org/sox-devel/[email protected]/raw
security-tracker.debian.org/tracker/CVE-2017-18189
Related
nessus
nessus
NewStart CGSL CORE 5.04 / MAIN 5.04 : sox Vulnerability (NS-SA-2019-0203)
2019-10-15 00:00:00
Scientific Linux Security Update : sox on SL7.x x86_64 (20190806)
2019-08-27 00:00:00
EulerOS 2.0 SP2 : sox (EulerOS-SA-2018-1084)
2018-05-02 00:00:00
ubuntucve
ubuntucve
CVE-2017-18189
2018-02-15 00:00:00
CVE-2019-1010004
2019-07-15 00:00:00
redhat
redhat
(RHSA-2019:2283) Low: sox security update
2019-08-06 08:21:10
redhatcve
redhatcve
CVE-2017-18189
2018-02-15 18:19:50
oraclelinux
oraclelinux
sox security update
2019-08-13 00:00:00
openvas
openvas
Huawei EulerOS: Security Advisory for sox (EulerOS-SA-2018-1084)
2020-01-23 00:00:00
Fedora: Security Advisory for sox (FEDORA-2020-cb7b7181a0)
2020-02-08 00:00:00
Huawei EulerOS: Security Advisory for sox (EulerOS-SA-2018-1083)
2020-01-23 00:00:00
fedora
fedora
[SECURITY] Fedora 31 Update: sox-14.4.2.0-28.fc31
2020-02-03 01:22:20
[SECURITY] Fedora 30 Update: sox-14.4.2.0-28.fc30
2020-02-08 01:39:56
alpinelinux
alpinelinux
CVE-2017-18189
2018-02-15 10:29:00
cvelist
cvelist
CVE-2017-18189
2018-02-15 10:00:00
CVE-2019-1010004
2019-07-15 01:44:34
amazon
amazon
Low: sox
2019-11-04 22:27:00
nvd
nvd
CVE-2017-18189
2018-02-15 10:29:00
CVE-2019-1010004
2019-07-15 02:15:10
cve
cve
CVE-2017-18189
2018-02-15 10:29:00
CVE-2019-1010004
2019-07-15 02:15:10
centos
centos
sox security update
2019-08-30 04:21:10
debiancve
debiancve
CVE-2017-18189
2018-02-15 10:29:00
CVE-2019-1010004
2019-07-15 02:15:10
prion
prion
Null pointer dereference
2018-02-15 10:29:00
Design/Logic Flaw
2019-07-15 02:15:00
debian
debian
[SECURITY] [DLA 1695-1] sox security update
2019-02-28 12:49:02
osv
osv
sox - security update
2019-02-28 00:00:00
sox - security update
2017-11-30 00:00:00
mageia
mageia
Updated sox packages fix security vulnerabilities
2018-04-30 22:08:07