58116 – (CVE-2004-0557) VUL-0: CVE-2004-0557: SoX buffer overflows when handling .WAV files

Bug 58116 (CVE-2004-0557) - VUL-0: CVE-2004-0557: SoX buffer overflows when handling .WAV files

Summary: VUL-0: CVE-2004-0557: SoX buffer overflows when handling .WAV files

Attachments
mail on vendor-sec (4.31 KB, text/plain) 2004-07-19 17:37 UTC, Ludwig Nussel	Details
buffy.wav (33.73 KB, application/octet-stream) 2004-07-19 17:37 UTC, Ludwig Nussel	Details
sox.patch (736 bytes, patch) 2004-07-19 17:38 UTC, Ludwig Nussel	Details \| Diff
sox.patch.box (470 bytes, text/plain) 2004-07-19 18:05 UTC, Ludwig Nussel	Details
sox.patch.maintained (358 bytes, text/plain) 2004-07-19 18:06 UTC, Ludwig Nussel	Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Ludwig Nussel 2004-07-19 17:36:17 UTC

Ulf Härnhammar has discovered buffer overflows in SoX. Attached is his mail on 
vendor-sec. The issue is not public yet. CAN-2004-0557

Comment 1 Ludwig Nussel 2004-07-19 17:37:09 UTC

Created attachment 22255 [details]
mail on vendor-sec

Comment 2 Ludwig Nussel 2004-07-19 17:37:57 UTC

Created attachment 22256 [details]
buffy.wav

Comment 3 Ludwig Nussel 2004-07-19 17:38:15 UTC

Created attachment 22257 [details]
sox.patch

Comment 4 Ludwig Nussel 2004-07-19 18:05:54 UTC

Created attachment 22259 [details]
sox.patch.box

Comment 5 Ludwig Nussel 2004-07-19 18:06:12 UTC

Created attachment 22260 [details]
sox.patch.maintained

Comment 6 Vladimir Nadvornik 2004-07-19 21:42:01 UTC

Packages are submitted

Comment 7 Ludwig Nussel 2004-07-26 21:24:45 UTC

CRD 28.07.2004, 16:00 MEST

Comment 8 Ludwig Nussel 2004-07-29 00:47:56 UTC

packages approved

Comment 9 Thomas Biege 2009-10-13 20:29:49 UTC

CVE-2004-0557: CVSS v2 Base Score: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)