EPSS Percentile: 76.8%
sox is vulnerable to denial of service. An attacker can crash the application through the read_samples function in hcom.c by supplying a malicious hcom file.
seclists.org/fulldisclosure/2017/Jul/81
lists.debian.org/debian-lts-announce/2017/11/msg00043.html
lists.debian.org/debian-lts-announce/2019/03/msg00007.html
security-tracker.debian.org/tracker/CVE-2017-11358
security.gentoo.org/glsa/201810-02
www.exploit-db.com/exploits/42398/