CVE-2004-0557
published 2004-08-06CVE-2004-0557: Multiple buffer overflows in the st_wavstartread function in wav.c for Sound eXchange (SoX) 12.17.2 through 12.17.4 allow remote attackers to execute arbitrary…
critical10CVSS 3.1
AVNACLAuNCCICAC
EXPLOIT
Multiple buffer overflows in the st_wavstartread function in wav.c for Sound eXchange (SoX) 12.17.2 through 12.17.4 allow remote attackers to execute arbitrary code via certain WAV file header fields.
Affected
15 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| conectiva | linux | — | — |
| conectiva | linux | — | — |
| conectiva | linux | — | — |
| debian | sox | < sox 12.17.4-9 (bookworm) | sox 12.17.4-9 (bookworm) |
| gentoo | linux | — | — |
| redhat | enterprise_linux | — | — |
| redhat | enterprise_linux_desktop | — | — |
| redhat | fedora_core | — | — |
| redhat | fedora_core | — | — |
| sox | sox | — | — |
| sox | sox | — | — |
| sox | sox | — | — |
| sox | sox | >= 0 < 12.17.4-9 | 12.17.4-9 |
| sox | sox | >= 0 < 12.17.4-9 | 12.17.4-9 |
| sox | sox | >= 0 < 12.17.4-9 | 12.17.4-9 |
CVSS provenance
nvd10.0CRITICALAV:N/AC:L/Au:N/C:C/I:C/A:C
osv10.0CRITICAL