Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
mageiaGentoo FoundationMGASA-2019-0045
HistoryJan 23, 2019 - 6:50 p.m.

Updated wavpack packages fix security vulnerabilities

2019-01-2318:50:09
Gentoo Foundation
advisories.mageia.org
10

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.012 Low

EPSS

Percentile

84.9%

JSON

Joonun Jang discovered that WavPack incorrectly handled certain RF64 files. An attacker could possibly use this to cause a denial of service (CVE-2018-6767). It was discovered that WavPack incorrectly handled certain DSDIFF files. An attacker could possibly use this to execute arbitrary code or cause a denial of service (CVE-2018-7253). It was discovered that WavPack incorrectly handled certain CAF files. An attacker could possibly use this to cause a denial of service (CVE-2018-7254). Thuan Pham, Marcel BΓΆhme, Andrew Santosa and Alexandru Razvan Caciulescu discovered that WavPack incorrectly handled certain .wav files. An attacker could possibly use this to execute arbitrary code or cause a denial of service (CVE-2018-10536, CVE-2018-10537). Thuan Pham, Marcel BΓΆhme, Andrew Santosa and Alexandru Razvan Caciulescu discovered that WavPack incorrectly handled certain .wav files. An attacker could possibly use this to cause a denial of service (CVE-2018-10538, CVE-2018-10539, CVE-2018-10540). It was discovered that WavPack incorrectly handled certain WAV files. An attacker could possibly use this issue to cause a denial of service (CVE-2018-19840, CVE-2018-19841).

OSVersionArchitecturePackageVersionFilename
Mageia6noarchwavpack<Β 5.1.0-1.1wavpack-5.1.0-1.1.mga6

Related

nessus 37
openvas 34
slackware 1
freebsd 1
fedora 15
suse 3
debian 4
ubuntu 4
osv 15
archlinux 2
rosalinux 1
cloudfoundry 1
gentoo 1
redhatcve 10
veracode 9
prion 10
ubuntucve 10
cve 10
debiancve 10
alpinelinux 10
packetstorm 1
zdt 1
exploitpack 1
oraclelinux 1
redhat 1
rocky 1
almalinux 1
exploitdb 1
nessus
nessus
Slackware 14.0 / 14.1 / 14.2 / current : wavpack (SSA:2019-353-01)
2019-12-20 00:00:00
FreeBSD : wavpack -- multiple vulnerabilities (50210bc1-54ef-11e8-95d9-9c5c8e75236a)
2018-05-14 00:00:00
SUSE SLED15 / SLES15 Security Update : wavpack (SUSE-SU-2021:0186-1)
2021-01-22 00:00:00
openvas
openvas
Slackware: Security Advisory (SSA:2019-353-01)
2022-04-21 00:00:00
Mageia: Security Advisory (MGASA-2019-0045)
2022-01-28 00:00:00
Fedora Update for wavpack FEDORA-2019-235c682f35
2019-04-24 00:00:00
slackware
slackware
[slackware-security] wavpack
2019-12-19 23:44:00
freebsd
freebsd
wavpack -- multiple vulnerabilities
2018-05-09 00:00:00
fedora
fedora
[SECURITY] Fedora 27 Update: wavpack-5.1.0-8.fc27
2018-05-26 21:13:05
[SECURITY] Fedora 28 Update: wavpack-5.1.0-12.fc28
2019-04-23 18:49:38
[SECURITY] Fedora 28 Update: wavpack-5.1.0-8.fc28
2018-05-26 20:47:16
suse
suse
Security update for wavpack (moderate)
2021-01-24 00:00:00
Security update for wavpack (moderate)
2021-01-24 00:00:00
Security update for wavpack (moderate)
2019-04-05 00:00:00
debian
debian
[SECURITY] [DSA 4197-1] wavpack security updaze
2018-05-09 18:24:39
[SECURITY] [DSA 4125-1] wavpack security update
2018-02-27 20:32:22
[SECURITY] [DSA 4125-1] wavpack security update
2018-02-27 20:32:22
ubuntu
ubuntu
WavPack vulnerabilities
2018-04-30 00:00:00
WavPack vulnerabilities
2018-12-06 00:00:00
WavPack vulnerabilities
2018-02-22 00:00:00
osv
osv
wavpack - security update
2018-05-09 00:00:00
wavpack - security update
2018-02-27 00:00:00
CVE-2018-10538
2018-04-29 15:29:00
archlinux
archlinux
[ASA-201802-12] wavpack: arbitrary code execution
2018-02-23 00:00:00
[ASA-201802-13] lib32-wavpack: arbitrary code execution
2018-02-23 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1995
2021-07-02 18:19:37
cloudfoundry
cloudfoundry
USN-3839-1: WavPack vulnerabilities | Cloud Foundry
2018-12-10 00:00:00
gentoo
gentoo
WavPack: Multiple vulnerabilities
2020-07-27 00:00:00
redhatcve
redhatcve
CVE-2018-19841
2020-04-08 05:18:42
CVE-2018-19840
2020-04-08 21:09:40
CVE-2018-10536
2018-05-03 21:48:40
veracode
veracode
Arbitrary Code Execution
2020-05-10 23:25:07
Arbitrary Code Execution
2020-05-10 23:25:07
Denial Of Service (DoS)
2020-05-10 23:25:05
prion
prion
Design/Logic Flaw
2018-04-29 15:29:00
Integer overflow
2018-04-29 15:29:00
Out-of-bounds
2018-12-04 09:29:00
ubuntucve
ubuntucve
CVE-2018-10537
2018-04-29 00:00:00
CVE-2018-10536
2018-04-29 00:00:00
CVE-2018-10538
2018-04-29 00:00:00
cve
cve
CVE-2018-10537
2018-04-29 15:29:00
CVE-2018-10539
2018-04-29 15:29:00
CVE-2018-10540
2018-04-29 15:29:00
debiancve
debiancve
CVE-2018-10540
2018-04-29 15:29:00
CVE-2018-19841
2018-12-04 09:29:00
CVE-2018-10539
2018-04-29 15:29:00
alpinelinux
alpinelinux
CVE-2018-10536
2018-04-29 15:29:00
CVE-2018-7254
2018-02-19 23:29:00
CVE-2018-19841
2018-12-04 09:29:00
packetstorm
packetstorm
Wavpack 5.1.0 Denial Of Service
2018-02-23 00:00:00
zdt
zdt
Wavpack 5.1.0 - Denial of Service Exploit
2018-02-21 00:00:00
exploitpack
exploitpack
Wavpack 5.1.0 - Denial of Service
2018-02-21 00:00:00
oraclelinux
oraclelinux
wavpack security update
2020-05-05 00:00:00
redhat
redhat
(RHSA-2020:1581) Low: wavpack security update
2020-04-28 08:53:05
rocky
rocky
wavpack security update
2020-04-28 08:53:05
almalinux
almalinux
Low: wavpack security update
2020-04-28 08:53:05
exploitdb
exploitdb
Wavpack 5.1.0 - Denial of Service
2018-02-21 00:00:00

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.012 Low

EPSS

Percentile

84.9%

JSON
Related for MGASA-2019-0045
nessus37openvas34slackware1freebsd1fedora15suse3debian4ubuntu4osv15archlinux2rosalinux1cloudfoundry1gentoo1redhatcve10veracode9prion10ubuntucve10cve10debiancve10alpinelinux10packetstorm1zdt1exploitpack1oraclelinux1redhat1rocky1almalinux1exploitdb1