Veracode Vulnerability DatabaseVERACODE:28339

HistoryDec 06, 2020 - 4:04 a.m.

Denial Of Service (DoS)

2020-12-0604:04:50

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

sox

vulnerability

dos

read samples

hcom file

EPSS

0.005

Percentile

76.8%

JSON

sox is vulnerable to denial of service. An attacker is able to crash the application via the read_samples function in hcom.c via a malicious hcom file.

References

seclists.org/fulldisclosure/2017/Jul/81

lists.debian.org/debian-lts-announce/2017/11/msg00043.html

lists.debian.org/debian-lts-announce/2019/03/msg00007.html

security-tracker.debian.org/tracker/CVE-2017-11358

security.gentoo.org/glsa/201810-02

www.exploit-db.com/exploits/42398/

EPSS

0.005

Percentile

76.8%

JSON

Related for VERACODE:28339