Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-0557

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2004-0557
Last Modified 21 Aug 2010 12:20:46
Published 06 Aug 2004 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2004-0557

Summary

Multiple buffer overflows in the st_wavstartread function in wav.c for Sound eXchange (SoX) 12.17.2 through 12.17.4 allow remote attackers to execute arbitrary code via certain WAV file header fields.

Vulnerable Systems

Operating System

  • Conectiva Linux 10.0

  • Conectiva Linux 8.0

  • Conectiva Linux 9.0

  • Gentoo Linux 1.4

  • Redhat Enterprise Linux 3.0

  • Redhat Enterprise Linux Desktop 3.0

  • Redhat Fedora Core Core 1.0

  • Redhat Fedora Core Core 2.0

Application

  • Sox 12.17.2

  • Sox 12.17.3

  • Sox 12.17.4


References

BID - 10819

REDHAT - RHSA-2004:409

FEDORA - FLSA:1945

XF - sox-wav-bo(16827)

GENTOO - GLSA-200407-23

DEBIAN - DSA-565

SECUNIA - 12175

FEDORA - FEDORA-2004-244

FEDORA - FEDORA-2004-235

VULNWATCH - 20040728 SoX buffer overflows when handling .WAV files

MANDRAKE - MDKSA-2004:076

CONECTIVA - CLA-2004:855


Last Updated: 27 May 2016 10:38:39