[Forgot Password]
Login  Register Subscribe

23631

 
 

115038

 
 

96174

 
 

909

 
 

78077

 
 

109

Paid content will be excluded from the download.


Download | Alert*
OVAL

Arbitrary code execution vulnerability in SoX due to improper processing of NIST Sphere and WAV audio files

ID: oval:org.secpod.oval:def:24734Date: (C)2015-06-08   (M)2017-07-03
Class: VULNERABILITYFamily: unix




The host is installed with sox in RHEL 5, 6 or 7 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to properly process NIST Sphere and WAV audio files. Successful exploitation could allow attackers to execute arbitrary code with the privileges of the user running SoX.

Platform:
Red Hat Enterprise Linux 5
Red Hat Enterprise Linux 6
Red Hat Enterprise Linux 7
Product:
sox
Reference:
CVE-2014-8145
CVE    1
CVE-2014-8145
CPE    4
cpe:/a:sox:sox
cpe:/o:redhat:enterprise_linux:5
cpe:/o:redhat:enterprise_linux:7
cpe:/o:redhat:enterprise_linux:6
...

© 2013 SecPod Technologies