Download
| Alert*
oval:org.secpod.oval:def:601889
Michele Spagnuolo of the Google Security Team dicovered two heap-based buffer overflows in SoX, the Swiss Army knife of sound processing programs. A specially crafted wav file could cause an application using SoX to crash or, possibly, execute arbitrary code. oval:org.secpod.oval:def:108447 SoX is a sound file format converter SoX can convert between many different digitized sound formats and perform simple sound manipulation functions, including sound effects. oval:org.secpod.oval:def:24734 The host is installed with sox in RHEL 5, 6 or 7 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to properly process NIST Sphere and WAV audio files. Successful exploitation could allow attackers to execute arbitrary code with the privileg ... |