The startread function in wav.c in Sound eXchange (SoX) 14.4.2 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted wav file.
References
Link | Resource |
---|---|
http://seclists.org/fulldisclosure/2017/Jul/81 | Exploit Mailing List Third Party Advisory |
https://lists.debian.org/debian-lts-announce/2017/11/msg00043.html | Third Party Advisory |
https://lists.debian.org/debian-lts-announce/2019/03/msg00007.html | Third Party Advisory |
https://security.gentoo.org/glsa/201810-02 | Third Party Advisory |
https://www.exploit-db.com/exploits/42398/ | Exploit Third Party Advisory VDB Entry |
http://seclists.org/fulldisclosure/2017/Jul/81 | Exploit Mailing List Third Party Advisory |
https://lists.debian.org/debian-lts-announce/2017/11/msg00043.html | Third Party Advisory |
https://lists.debian.org/debian-lts-announce/2019/03/msg00007.html | Third Party Advisory |
https://security.gentoo.org/glsa/201810-02 | Third Party Advisory |
https://www.exploit-db.com/exploits/42398/ | Exploit Third Party Advisory VDB Entry |
Configurations
History
21 Nov 2024, 03:07
Type | Values Removed | Values Added |
---|---|---|
References | () http://seclists.org/fulldisclosure/2017/Jul/81 - Exploit, Mailing List, Third Party Advisory | |
References | () https://lists.debian.org/debian-lts-announce/2017/11/msg00043.html - Third Party Advisory | |
References | () https://lists.debian.org/debian-lts-announce/2019/03/msg00007.html - Third Party Advisory | |
References | () https://security.gentoo.org/glsa/201810-02 - Third Party Advisory | |
References | () https://www.exploit-db.com/exploits/42398/ - Exploit, Third Party Advisory, VDB Entry |
Information
Published : 2017-07-31 13:29
Updated : 2024-11-21 03:07
NVD link : CVE-2017-11332
Mitre link : CVE-2017-11332
CVE.ORG link : CVE-2017-11332
JSON object : View
Products Affected
debian
- debian_linux
sound_exchange_project
- sound_exchange
CWE
CWE-369
Divide By Zero