[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

Arbitrary code execution vulnerability in SoX due to improper processing of NIST Sphere and WAV audio files

ID: oval:org.secpod.oval:def:24734Date: (C)2015-06-08   (M)2022-09-21
Class: VULNERABILITYFamily: unix




The host is installed with sox in RHEL 5, 6 or 7 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to properly process NIST Sphere and WAV audio files. Successful exploitation could allow attackers to execute arbitrary code with the privileges of the user running SoX.

Platform:
Red Hat Enterprise Linux 5
Red Hat Enterprise Linux 6
Red Hat Enterprise Linux 7
Product:
sox
Reference:
CVE-2014-8145
CVE    1
CVE-2014-8145
CPE    4
cpe:/o:redhat:enterprise_linux:5
cpe:/a:sox:sox
cpe:/o:redhat:enterprise_linux:7
cpe:/o:redhat:enterprise_linux:6
...

© SecPod Technologies