Mandriva Linux Security Advisory 2015-015 – The sox command line tool is affected by two heap-based buffer overflows, respectively located in functions start_read() and AdpcmReadBlock(). A specially crafted wav file can be used to trigger the vulnerabilities.