[Forgot Password]
Login  Register Subscribe

24128

 
 

131573

 
 

110204

 
 

909

 
 

85984

 
 

136

Paid content will be excluded from the download.


Download | Alert*
OVAL

Arbitrary code execution vulnerability in SoX due to improper processing of NIST Sphere and WAV audio files

ID: oval:org.secpod.oval:def:24734Date: (C)2015-06-08   (M)2018-05-13
Class: VULNERABILITYFamily: unix




The host is installed with sox in RHEL 5, 6 or 7 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to properly process NIST Sphere and WAV audio files. Successful exploitation could allow attackers to execute arbitrary code with the privileges of the user running SoX.

Platform:
Red Hat Enterprise Linux 5
Red Hat Enterprise Linux 6
Red Hat Enterprise Linux 7
Product:
sox
Reference:
CVE-2014-8145
CVE    1
CVE-2014-8145
CPE    4
cpe:/a:sox:sox
cpe:/o:redhat:enterprise_linux:5
cpe:/o:redhat:enterprise_linux:7
cpe:/o:redhat:enterprise_linux:6
...

© SecPod Technologies