Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sox vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2017-15372
There is a stack-based buffer overflow in the lsx_ms_adpcm_block_expand_i function of adpcm.c in Sound eXchange (SoX) 14.4.2. A Crafted input will lead to a denial of service attack during conversion of an audio file.
Sound Exchange Project Sound Exchange 14.4.2
Debian Debian Linux 7.0
Debian Debian Linux 8.0
5.5
CVSSv3
CVE-2017-15370
There is a heap-based buffer overflow in the ImaExpandS function of ima_rw.c in Sound eXchange (SoX) 14.4.2. A Crafted input will lead to a denial of service attack during conversion of an audio file.
Sound Exchange Project Sound Exchange 14.4.2
Debian Debian Linux 7.0
Debian Debian Linux 8.0
5.5
CVSSv3
CVE-2017-11332
The startread function in wav.c in Sound eXchange (SoX) 14.4.2 allows remote malicious users to cause a denial of service (divide-by-zero error and application crash) via a crafted wav file.
Sound Exchange Project Sound Exchange 14.4.2
Debian Debian Linux 7.0
Debian Debian Linux 8.0
1 EDB exploit
5.5
CVSSv3
CVE-2017-11358
The read_samples function in hcom.c in Sound eXchange (SoX) 14.4.2 allows remote malicious users to cause a denial of service (invalid memory read and application crash) via a crafted hcom file.
Sound Exchange Project Sound Exchange 14.4.2
Debian Debian Linux 8.0
Debian Debian Linux 7.0
1 EDB exploit
5.5
CVSSv3
CVE-2017-11359
The wavwritehdr function in wav.c in Sound eXchange (SoX) 14.4.2 allows remote malicious users to cause a denial of service (divide-by-zero error and application crash) via a crafted snd file, during conversion to a wav file.
Sound Exchange Project Sound Exchange 14.4.2
Debian Debian Linux 7.0
Debian Debian Linux 8.0
1 EDB exploit
5.5
CVSSv3
CVE-2017-11333
The vorbis_analysis_wrote function in lib/block.c in Xiph.Org libvorbis 1.3.5 allows remote malicious users to cause a denial of service (OOM) via a crafted wav file.
Xiph.org Libvorbis 1.3.5
1 EDB exploit
5
CVSSv3
CVE-2019-8354
An issue exists in SoX 14.4.2. lsx_make_lpf in effect_i_dsp.c has an integer overflow on the result of multiplication fed into malloc. When the buffer is allocated, it is smaller than expected, leading to a heap-based buffer overflow.
Sound Exchange Project Sound Exchange 14.4.2
NA
CVE-2014-8145
Multiple heap-based buffer overflows in Sound eXchange (SoX) 14.4.1 and previous versions allow remote malicious users to have unspecified impact via a crafted WAV file to the (1) start_read or (2) AdpcmReadBlock function.
Sound Exchange Project Sound Exchange
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Oracle Solaris 11.2
NA
CVE-2004-0557
Multiple buffer overflows in the st_wavstartread function in wav.c for Sound eXchange (SoX) 12.17.2 up to and including 12.17.4 allow remote malicious users to execute arbitrary code via certain WAV file header fields.
Sox Sox 12.17.4
Conectiva Linux 10.0
Sox Sox 12.17.2
Sox Sox 12.17.3
Conectiva Linux 8.0
Conectiva Linux 9.0
Gentoo Linux 1.4
Redhat Enterprise Linux 3.0
Redhat Enterprise Linux Desktop 3.0
Redhat Fedora Core Core 1.0
Redhat Fedora Core Core 2.0
2 EDB exploits
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49333
CVE-2024-33901
CVE-2024-36001
CVE-2024-2835
firewall
XPath injection
authentication bypass
CVE-2024-22120
CVE-2024-32002
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3