FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

sox -- memory corruption vulnerabilities

Affected packages
sox <= 14.4.2

Details

VuXML ID 9dd761ff-30cb-11e5-a4a5-002590263bf5
Discovery 2015-07-22
Entry 2015-07-23

Michele Spagnuolo, Google Security Team, reports:

The write heap buffer overflows are related to ADPCM handling in WAV files, while the read heap buffer overflow is while opening a .VOC.

[source]

References

URL http://seclists.org/oss-sec/2015/q3/167

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.