CVE-2014-8145
published 2014-12-31CVE-2014-8145: Multiple heap-based buffer overflows in Sound eXchange (SoX) 14.4.1 and earlier allow remote attackers to have unspecified impact via a crafted WAV file to the…
high7.5CVSS 3.1
AVNACLAuNCPIPAP
Multiple heap-based buffer overflows in Sound eXchange (SoX) 14.4.1 and earlier allow remote attackers to have unspecified impact via a crafted WAV file to the (1) start_read or (2) AdpcmReadBlock function.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | debian_linux | — | — |
| debian | debian_linux | — | — |
| debian | sox | < sox 14.4.2-2 (bookworm) | sox 14.4.2-2 (bookworm) |
| oracle | solaris | — | — |
| sound_exchange_project | sound_exchange | <= 14.4.1 | — |
CVSS provenance
nvd7.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
osv7.5HIGH