Veracode Vulnerability DatabaseVERACODE:28340

HistoryDec 06, 2020 - 4:05 a.m.

Denial Of Service (DoS)

2020-12-0604:05:24

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

sox

denial of service

wav file

EPSS

0.005

Percentile

75.4%

JSON

sox is vulnerable to denial of service (DoS). The vulnerability exists in the startread function in wav.c, allowing a malicious user to crash the application via a crafted wav file.

References

seclists.org/fulldisclosure/2017/Jul/81

lists.debian.org/debian-lts-announce/2017/11/msg00043.html

lists.debian.org/debian-lts-announce/2019/03/msg00007.html

security-tracker.debian.org/tracker/CVE-2017-11332

security.gentoo.org/glsa/201810-02

www.exploit-db.com/exploits/42398/

EPSS

0.005

Percentile

75.4%

JSON

Related for VERACODE:28340