Unrated severityNVD Advisory· Published Aug 6, 2004· Updated Apr 16, 2026
CVE-2004-0557
CVE-2004-0557
Description
Multiple buffer overflows in the st_wavstartread function in wav.c for Sound eXchange (SoX) 12.17.2 through 12.17.4 allow remote attackers to execute arbitrary code via certain WAV file header fields.
Affected products
13cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_servers:*:*:*:*:*+ 2 more
- cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_servers:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:fedora_core:core_1.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:redhat:fedora_core:core_1.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
14- www.redhat.com/support/errata/RHSA-2004-409.htmlnvdPatchVendor Advisory
- www.securityfocus.com/bid/10819nvdExploitPatchVendor Advisory
- www.gentoo.org/security/en/glsa/glsa-200407-23.xmlnvdVendor Advisory
- archives.neohapsis.com/archives/vulnwatch/2004-q3/0014.htmlnvd
- distro.conectiva.com.br/atualizacoes/nvd
- lwn.net/Articles/95529/nvd
- lwn.net/Articles/95530/nvd
- seclists.org/fulldisclosure/2004/Jul/1227.htmlnvd
- secunia.com/advisories/12175nvd
- www.debian.org/security/2004/dsa-565nvd
- www.mandriva.com/security/advisoriesnvd
- bugzilla.fedora.us/show_bug.cginvd
- exchange.xforce.ibmcloud.com/vulnerabilities/16827nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9801nvd
News mentions
0No linked articles in our index yet.