CVE-2017-15371
- EPSS 0.26%
- Veröffentlicht 16.10.2017 04:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
There is a reachable assertion abort in the function sox_append_comment() in formats.c in Sound eXchange (SoX) 14.4.2. A Crafted input will lead to a denial of service attack during conversion of an audio file.
CVE-2017-15370
- EPSS 0.35%
- Veröffentlicht 16.10.2017 04:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
There is a heap-based buffer overflow in the ImaExpandS function of ima_rw.c in Sound eXchange (SoX) 14.4.2. A Crafted input will lead to a denial of service attack during conversion of an audio file.
CVE-2017-11359
- EPSS 5.17%
- Veröffentlicht 31.07.2017 13:29:01
- Zuletzt bearbeitet 13.05.2026 00:24:29
The wavwritehdr function in wav.c in Sound eXchange (SoX) 14.4.2 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted snd file, during conversion to a wav file.
CVE-2017-11358
- EPSS 5.82%
- Veröffentlicht 31.07.2017 13:29:01
- Zuletzt bearbeitet 13.05.2026 00:24:29
The read_samples function in hcom.c in Sound eXchange (SoX) 14.4.2 allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted hcom file.
CVE-2017-11332
- EPSS 2.59%
- Veröffentlicht 31.07.2017 13:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
The startread function in wav.c in Sound eXchange (SoX) 14.4.2 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted wav file.
CVE-2014-8145
- EPSS 13%
- Veröffentlicht 31.12.2014 22:59:03
- Zuletzt bearbeitet 06.05.2026 22:30:45
Multiple heap-based buffer overflows in Sound eXchange (SoX) 14.4.1 and earlier allow remote attackers to have unspecified impact via a crafted WAV file to the (1) start_read or (2) AdpcmReadBlock function.