CVE-2004-0557

Published: 06/08/2004 Updated: 11/10/2017
CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10
VMScore: 1000
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Summary

Multiple buffer overflows in the st_wavstartread function in wav.c for Sound eXchange (SoX) 12.17.2 up to and including 12.17.4 allow remote malicious users to execute arbitrary code via certain WAV file header fields.

Vulnerable Product

sox sox 12.17.4

conectiva linux 10.0

sox sox 12.17.2

sox sox 12.17.3

conectiva linux 8.0

conectiva linux 9.0

gentoo linux 1.4

redhat enterprise linux 3.0

redhat enterprise linux desktop 3.0

redhat fedora core core_1.0

redhat fedora core core_2.0

Vendor Advisories

Synopsis: sox security update. Type/Severity: Security Advisory: Important. Topic: Updated sox packages that fix buffer overflows in the WAV file handling code are now available. Description: SoX (Sound eXchange) is a sound file format converter. SoX can convert between many different digitized sou ...
Ulf Härnhammar has reported two vulnerabilities in SoX, a universal sound sample translator, which may be exploited by malicious people to compromise a user's system with a specially crafted wav file. For the stable distribution (woody) these problems have been fixed in version 12173-4woody2. For the unstable distribution (sid) these problems h ...

Exploits

//--------------------------------- Begin Code: sox-exploiterc --------------------------------- /* Copyright Rosiello Security 2004 wwwrosielloorg CVE Reference: CAN-2004-0557 Bug Type: Stack Overflow Date: 01/08/2004 Ulf Harnhammar reported that there are two buffer overflows in the 'sox' and 'play' commands The ...
# POC Exploit for SoX Stack Overflow Vulnerability found by Ulf Harnhammar # Tested Under Slackware 91 # Serkan Akpolat sakpolat@gmxnet | deicide@siyahsapkaorg # Homepage: deicidesiyahsapkaorg # Greets to: Virulent # deicide@gate:~$ play britneywav # sh-205b$ # "jmp %esp" from libcso , change this if needed retJmpEsp=0x4029824B # ...