CVE-2017-18189 |
Low |
No |
Denial of service |
In the startread function in xa.c in Sound eXchange (SoX) through 14.4.2, a corrupt header specifying zero channels triggers an infinite loop with a... |
CVE-2017-15642 |
Low |
No |
Arbitrary code execution |
In lsx_aiffstartread in aiff.c in Sound eXchange (SoX) 14.4.2, there is a Use-After-Free vulnerability triggered by supplying a malformed AIFF file. |
CVE-2017-15372 |
Low |
No |
Denial of service |
There is a stack-based buffer overflow in the lsx_ms_adpcm_block_expand_i function of adpcm.c in Sound eXchange (SoX) 14.4.2. A crafted input will lead to a... |
CVE-2017-15371 |
Low |
No |
Denial of service |
There is a reachable assertion abort in the function sox_append_comment() in formats.c in Sound eXchange (SoX) 14.4.2. A crafted input will lead to a denial... |
CVE-2017-15370 |
Low |
No |
Denial of service |
There is a heap-based buffer overflow in the ImaExpandS function of ima_rw.c in Sound eXchange (SoX) 14.4.2. A crafted input will lead to a denial of... |
CVE-2017-11359 |
Low |
No |
Denial of service |
The wavwritehdr function in wav.c in Sound eXchange (SoX) 14.4.2 allows remote attackers to cause a denial of service (divide-by-zero error and application... |
CVE-2017-11358 |
Low |
No |
Denial of service |
The read_samples function in hcom.c in Sound eXchange (SoX) 14.4.2 allows attackers to cause a denial of service (invalid memory read and application crash)... |
CVE-2017-11332 |
Low |
No |
Denial of service |
The startread function in wav.c in Sound eXchange (SoX) 14.4.2 allows attackers to cause a denial of service (divide-by-zero error and application crash)... |