| Max CVSS | 4.3 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2017-11358 | 4.3 |
The read_samples function in hcom.c in Sound eXchange (SoX) 14.4.2 allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted hcom file.
|
07-02-2023 - 01:15 | 31-07-2017 - 13:29 | |
| CVE-2017-15642 | 4.3 |
In lsx_aiffstartread in aiff.c in Sound eXchange (SoX) 14.4.2, there is a Use-After-Free vulnerability triggered by supplying a malformed AIFF file.
|
24-06-2021 - 15:16 | 19-10-2017 - 19:29 | |
| CVE-2017-15371 | 4.3 |
There is a reachable assertion abort in the function sox_append_comment() in formats.c in Sound eXchange (SoX) 14.4.2. A Crafted input will lead to a denial of service attack during conversion of an audio file.
|
24-06-2021 - 15:16 | 16-10-2017 - 04:29 | |
| CVE-2017-15372 | 4.3 |
There is a stack-based buffer overflow in the lsx_ms_adpcm_block_expand_i function of adpcm.c in Sound eXchange (SoX) 14.4.2. A Crafted input will lead to a denial of service attack during conversion of an audio file.
|
24-06-2021 - 15:16 | 16-10-2017 - 04:29 | |
| CVE-2017-15370 | 4.3 |
There is a heap-based buffer overflow in the ImaExpandS function of ima_rw.c in Sound eXchange (SoX) 14.4.2. A Crafted input will lead to a denial of service attack during conversion of an audio file.
|
24-06-2021 - 15:16 | 16-10-2017 - 04:29 | |
| CVE-2017-11332 | 4.3 |
The startread function in wav.c in Sound eXchange (SoX) 14.4.2 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted wav file.
|
08-03-2019 - 01:39 | 31-07-2017 - 13:29 | |
| CVE-2017-11359 | 4.3 |
The wavwritehdr function in wav.c in Sound eXchange (SoX) 14.4.2 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted snd file, during conversion to a wav file.
|
08-03-2019 - 01:38 | 31-07-2017 - 13:29 |