CVE-2014-8145

Description

Multiple heap-based buffer overflows in Sound eXchange (SoX) 14.4.1 and earlier allow remote attackers to have unspecified impact via a crafted WAV file to the (1) start_read or (2) AdpcmReadBlock function.

Affected packages (4)

• Debian/soxfrom 0, < 14.4.2-2
• Debian/soxfrom 0, < 14.3.1-1+deb6u1
• Debian/soxfrom 0, < 14.4.1-5+deb8u1
• Debian/soxfrom 0, < 14.4.0-3+deb7u1

References (1)

• ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2014-8145