Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2017-18189

Опубликовано: 15 фев. 2018
Источник: nvd
CVSS3: 7.5
CVSS2: 5
EPSS Низкий

Описание

In the startread function in xa.c in Sound eXchange (SoX) through 14.4.2, a corrupt header specifying zero channels triggers an infinite loop with a resultant NULL pointer dereference, which may allow a remote attacker to cause a denial-of-service.

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:a:sound_exchange_project:sound_exchange:*:*:*:*:*:*:*:*
Версия до 14.4.2 (включая)
Конфигурация 2
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

EPSS

Процентиль: 90%
0.05714
Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-476

Связанные уязвимости

ubuntu логотип

CVE-2017-18189

CVSS3: 7.5
ubuntu
почти 8 лет назад

In the startread function in xa.c in Sound eXchange (SoX) through 14.4.2, a corrupt header specifying zero channels triggers an infinite loop with a resultant NULL pointer dereference, which may allow a remote attacker to cause a denial-of-service.

redhat логотип

CVE-2017-18189

CVSS3: 3.3
redhat
почти 8 лет назад

In the startread function in xa.c in Sound eXchange (SoX) through 14.4.2, a corrupt header specifying zero channels triggers an infinite loop with a resultant NULL pointer dereference, which may allow a remote attacker to cause a denial-of-service.

debian логотип

CVE-2017-18189

CVSS3: 7.5
debian
почти 8 лет назад

In the startread function in xa.c in Sound eXchange (SoX) through 14.4 ...

github логотип

GHSA-7cwr-p3p4-jp5x

CVSS3: 7.5
github
больше 3 лет назад

In the startread function in xa.c in Sound eXchange (SoX) through 14.4.2, a corrupt header specifying zero channels triggers an infinite loop with a resultant NULL pointer dereference, which may allow a remote attacker to cause a denial-of-service.

oracle-oval логотип

ELSA-2019-2283

oracle-oval
больше 6 лет назад

ELSA-2019-2283: sox security update (LOW)

EPSS

Процентиль: 90%
0.05714
Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-476