CVE-2017-11332

The startread function in wav.c in Sound eXchange (SoX) 14.4.2 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted wav file.
Configurations

Configuration 1 (hide)

cpe:2.3:a:sound_exchange_project:sound_exchange:14.4.2:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

History

21 Nov 2024, 03:07

Type Values Removed Values Added
References () http://seclists.org/fulldisclosure/2017/Jul/81 - Exploit, Mailing List, Third Party Advisory () http://seclists.org/fulldisclosure/2017/Jul/81 - Exploit, Mailing List, Third Party Advisory
References () https://lists.debian.org/debian-lts-announce/2017/11/msg00043.html - Third Party Advisory () https://lists.debian.org/debian-lts-announce/2017/11/msg00043.html - Third Party Advisory
References () https://lists.debian.org/debian-lts-announce/2019/03/msg00007.html - Third Party Advisory () https://lists.debian.org/debian-lts-announce/2019/03/msg00007.html - Third Party Advisory
References () https://security.gentoo.org/glsa/201810-02 - Third Party Advisory () https://security.gentoo.org/glsa/201810-02 - Third Party Advisory
References () https://www.exploit-db.com/exploits/42398/ - Exploit, Third Party Advisory, VDB Entry () https://www.exploit-db.com/exploits/42398/ - Exploit, Third Party Advisory, VDB Entry

Information

Published : 2017-07-31 13:29

Updated : 2024-11-21 03:07


NVD link : CVE-2017-11332

Mitre link : CVE-2017-11332

CVE.ORG link : CVE-2017-11332


JSON object : View

Products Affected

debian

  • debian_linux

sound_exchange_project

  • sound_exchange
CWE
CWE-369

Divide By Zero