CVE-2019-1010004
published 2019-07-15CVE-2019-1010004: SoX - Sound eXchange 14.4.2 and earlier is affected by: Out-of-bounds Read. The impact is: Denial of Service. The component is: read_samples function at…
medium5.5CVSS 3.0
AVLACLPRNUIRSUCNINAH
SoX - Sound eXchange 14.4.2 and earlier is affected by: Out-of-bounds Read. The impact is: Denial of Service. The component is: read_samples function at xa.c:219. The attack vector is: Victim must open specially crafted .xa file. NOTE: this may overlap CVE-2017-18189.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | sox | < sox 14.4.2-2 (bookworm) | sox 14.4.2-2 (bookworm) |
| sound_exchange_project | sound_exchange | <= 14.4.2 | — |
CVSS provenance
nvdv3.05.5MEDIUMCVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
osv7.5HIGH