CVE-2019-8356

Sažetak

An issue was discovered in SoX 14.4.2. One of the arguments to bitrv2 in fft4g.c is not guarded, such that it can lead to write access outside of the statically declared array, aka a stack-based buffer overflow.

Reference

https://lists.debian.org/debian-lts-announce/2019/05/msg00040.html
https://sourceforge.net/p/sox/bugs/321
https://usn.ubuntu.com/4079-1/
https://usn.ubuntu.com/4079-2/

CVSS

Base:	4.3
Impact:	2.9
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	NONE	PARTIAL

CVSS vektor

AV:N/AC:M/Au:N/C:N/I:N/A:P

Zadnje važnije ažuriranje

24-08-2020 - 17:37

Objavljeno

15-02-2019 - 23:29