Sound eXchange (SoX) multiple vulnerabilities ================ Author : qflb.wu =============== Introduction: ============= SoX is a cross-platform (Windows, Linux, MacOS X, etc.) command line utility that can convert various formats of computer audio files in to other formats. It can also apply various effects to these sound files, and, as an added bonus, SoX can play and record audio files on most platforms. Affected version: ===== 14.4.2 Vulnerability Description: ========================== 1. the startread function in wav.c in Sound eXchange(SoX) 14.4.2 can cause a denial of service(divide-by-zero error and application crash) via a crafted wav file. ./sox sox_14.4.2_divide_by_zero_error_1.wav out.ogg
Source: Gmail -> IFTTT-> Blogger
No comments:
Post a Comment