Vendor
Sound Exchange Project
Products
1
CVEs
5
Across products
5
Status
Private
Products
1- 5 CVEs
Recent CVEs
5| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2017-11359 | Med | 0.39 | 5.5 | 0.05 | Jul 31, 2017 | The wavwritehdr function in wav.c in Sound eXchange (SoX) 14.4.2 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted snd file, during conversion to a wav file. | |
| CVE-2017-11358 | Med | 0.39 | 5.5 | 0.06 | Jul 31, 2017 | The read_samples function in hcom.c in Sound eXchange (SoX) 14.4.2 allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted hcom file. | |
| CVE-2017-11332 | Med | 0.39 | 5.5 | 0.03 | Jul 31, 2017 | The startread function in wav.c in Sound eXchange (SoX) 14.4.2 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted wav file. | |
| CVE-2017-15642 | Med | 0.36 | 5.5 | 0.01 | Oct 19, 2017 | In lsx_aiffstartread in aiff.c in Sound eXchange (SoX) 14.4.2, there is a Use-After-Free vulnerability triggered by supplying a malformed AIFF file. | |
| CVE-2014-8145 | 0.01 | — | 0.13 | Dec 31, 2014 | Multiple heap-based buffer overflows in Sound eXchange (SoX) 14.4.1 and earlier allow remote attackers to have unspecified impact via a crafted WAV file to the (1) start_read or (2) AdpcmReadBlock function. |