Martin Guy

**Name of the Vulnerable Software and Affected Versions** SoX (affected versions not specified) **Description** A heap-buffer-overflow occurs in the `startread()` function in the `hcom.c` file. This issue is exploitable with a crafted `hcomn` file, which could cause an application to crash. The vulnerability is related to unchecked input data copying, allowing an attacker to cause a denial of service. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** SoX (affected versions not specified) **Description** The issue is related to a divide-by-zero error in the `startread()` function of the `wav.c` file in the SoX sound processing program. This error can be exploited by an attacker using a specially crafted wav file, potentially causing the application to crash. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.