Arbitrary code execution vulnerability in SoX due to improper processing of NIST Sphere and WAV audio files
|ID: oval:org.secpod.oval:def:24734||Date: (C)2015-06-08 (M)2017-11-07|
|Class: VULNERABILITY||Family: unix|
The host is installed with sox in RHEL 5, 6 or 7 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to properly process NIST Sphere and WAV audio files. Successful exploitation could allow attackers to execute arbitrary code with the privileges of the user running SoX.
|Red Hat Enterprise Linux 5|
|Red Hat Enterprise Linux 6|
|Red Hat Enterprise Linux 7|