Denial of Service Vulnerability in SoX 14.4.2: Assertion Abort in sox_append_comment()

Denial of Service Vulnerability in SoX 14.4.2: Assertion Abort in sox_append_comment()

CVE-2017-15371 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:N/A:P

There is a reachable assertion abort in the function sox_append_comment() in formats.c in Sound eXchange (SoX) 14.4.2. A Crafted input will lead to a denial of service attack during conversion of an audio file.

Learn more about our Cis Benchmark Audit For Microsoft Exchange Server.