FreeBSD : SoX buffer overflows when handling .WAV files (3e4ffe76-e0d4-11d8-9b0a-000347a4fa7d)
Critical Nessus Plugin ID 36863
SynopsisThe remote FreeBSD host is missing a security-related update.
DescriptionUlf Harnhammar discovered a pair of buffer overflows in the WAV file handling code of SoX. If an attacker can cause her victim to process a specially crafted WAV file with SoX (e.g. through social engineering or through some other program that relies on SoX), arbitrary code can be executed with the privileges of the victim.
SolutionUpdate the affected package.