Vulnerability Name: | CVE-2004-0557 (CCN-16827) | ||||||||||||||||||||
Assigned: | 2004-07-28 | ||||||||||||||||||||
Published: | 2004-07-28 | ||||||||||||||||||||
Updated: | 2017-10-11 | ||||||||||||||||||||
Summary: | Multiple buffer overflows in the st_wavstartread function in wav.c for Sound eXchange (SoX) 12.17.2 through 12.17.4 allow remote attackers to execute arbitrary code via certain WAV file header fields. | ||||||||||||||||||||
CVSS v3 Severity: | 10.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
| ||||||||||||||||||||
CVSS v2 Severity: | 10.0 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)
| ||||||||||||||||||||
Vulnerability Type: | CWE-Other | ||||||||||||||||||||
Vulnerability Consequences: | Gain Access | ||||||||||||||||||||
References: | Source: CCN Type: VulnWatch Mailing List, Wed Jul 28 2004 - 13:53:13 CDT SoX buffer overflows when handling .WAV files Source: VULNWATCH Type: UNKNOWN 20040728 SoX buffer overflows when handling .WAV files Source: MITRE Type: CNA CVE-2004-0557 Source: CONECTIVA Type: UNKNOWN CLA-2004:855 Source: CCN Type: Conectiva Linux Security Announcement CLSA-2004:855 Buffer overflow vulnerability Source: FEDORA Type: UNKNOWN FEDORA-2004-235 Source: FEDORA Type: UNKNOWN FEDORA-2004-244 Source: CCN Type: RHSA-2004-409 sox security update Source: FULLDISC Type: UNKNOWN 20040728 SoX buffer overflows when handling .WAV files Source: CCN Type: SA12175 SoX ".WAV" File Processing Buffer Overflow Vulnerabilities Source: SECUNIA Type: UNKNOWN 12175 Source: CCN Type: Slackware Security Advisories Tue, 10 Aug 2004 14:33:16 -0700 (PDT) [slackware-security] sox (SSA:2004-223-03) Source: CCN Type: SoX Web page SoX - Sound eXchange Source: DEBIAN Type: UNKNOWN DSA-565 Source: DEBIAN Type: DSA-565 sox -- buffer overflow Source: CCN Type: GLSA-200407-23 SoX: Multiple buffer overflows Source: GENTOO Type: Vendor Advisory GLSA-200407-23 Source: MANDRAKE Type: UNKNOWN MDKSA-2004:076 Source: REDHAT Type: Patch, Vendor Advisory RHSA-2004:409 Source: BID Type: Exploit, Patch, Vendor Advisory 10819 Source: CCN Type: BID-10819 SoX WAV File Buffer Overflow Vulnerability Source: FEDORA Type: UNKNOWN FLSA:1945 Source: XF Type: UNKNOWN sox-wav-bo(16827) Source: XF Type: UNKNOWN sox-wav-bo(16827) Source: OVAL Type: UNKNOWN oval:org.mitre.oval:def:9801 Source: SUSE Type: SUSE-SA:2004:023 libpng: remote system compromise | ||||||||||||||||||||
Vulnerable Configuration: | Configuration 1: Configuration 2: Configuration RedHat 1: Denotes that component is vulnerable | ||||||||||||||||||||
Oval Definitions | |||||||||||||||||||||
| |||||||||||||||||||||
BACK |