SoX contains a flaw that may allow a malicious user to execute arbitrary code on a remote system. The issue is triggered when a user executes a specially crafted .wav file created by a malicious user which will overflow a buffer in the st_wavstartread() function of wav.c. It is possible that the flaw may allow remote code execution on the local system resulting in a loss of confidentiality and integrity.

Upgrade to version 12.17.5 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

• Bugtraq ID: 10819
• Secunia Advisory ID: 12175 12176 12268 12819
• ISS X-Force ID: 16827
• CVE ID: 2004-0557 (see also: NVD)
• Milw0rm: 369 374
• Exploit Database: 369 374
• Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2004-07/0359.html
• Vendor Specific Advisory URL: http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000855
  http://www.gentoo.org/security/en/glsa/glsa-200407-23.xml
  http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:076
  http://www.slackware.com/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.362646
• Vendor URL: http://sox.sourceforge.net/
• Other Advisory URL: http://www.debian.org/security/2004/dsa-565
  http://www.securiteam.com/unixfocus/6S00B0UBGG.html
• RedHat RHSA: RHSA-2004:409-05

• Angelo Rosiello - angelorosiello.org -