Multiple buffer overflows in the st_wavstartread function in wav.c for Sound eXchange (SoX) 12.17.2 through 12.17.4 allow remote attackers to execute arbitrary code via certain WAV file header fields.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Sox | Sox | 12.17.2 (including) | 12.17.2 (including) |
Sox | Sox | 12.17.3 (including) | 12.17.3 (including) |
Sox | Sox | 12.17.4 (including) | 12.17.4 (including) |
Linux | Conectiva | 8.0 (including) | 8.0 (including) |
Linux | Conectiva | 9.0 (including) | 9.0 (including) |
Linux | Conectiva | 10.0 (including) | 10.0 (including) |
Sox | Ubuntu | dapper | * |
Sox | Ubuntu | devel | * |
Sox | Ubuntu | edgy | * |
Sox | Ubuntu | feisty | * |
Red Hat Enterprise Linux 3 | RedHat | sox-0:12.17.4-4.3 | * |