View at Official ubuntu advisory, NVD, CVE.org · CVE detail
Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.
CVE-2014-8145 medium priority: Ubuntu including 1 source packages (sox), 13 status rows across 13 suites (artful, bionic, cosmic, lucid, precise, trusty, upstream, utopic, vivid, wily, xenial, yakkety, zesty): not-affected 7, ignored 3, released 3.
Multiple heap-based buffer overflows in Sound eXchange (SoX) 14.4.1 and earlier allow remote attackers to have unspecified impact via a crafted WAV file to the (1) start_read or (2) AdpcmReadBlock function.