In the startread function in xa.c in Sound eXchange (SoX) up to and including 14.4.2, a corrupt header specifying zero channels triggers an infinite loop with a resultant NULL pointer dereference, which may allow a remote malicious user to cause a denial-of-service.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
sound exchange project sound exchange |
||
debian debian linux 8.0 |