CVE-2014-8145

EPSS 13.0%

sox - security update

發布日:2014/12/31修改日:2026/4/28

描述

Multiple heap-based buffer overflows in Sound eXchange (SoX) 14.4.1 and earlier allow remote attackers to have unspecified impact via a crafted WAV file to the (1) start_read or (2) AdpcmReadBlock function.

受影響套件(4)

Debian/soxfrom 0, < 14.4.2-2
Debian/soxfrom 0, < 14.3.1-1+deb6u1
Debian/soxfrom 0, < 14.4.1-5+deb8u1
Debian/soxfrom 0, < 14.4.0-3+deb7u1

參考連結(1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2014-8145