CVE-2018-7253

🗓️ 19 Feb 2018 23:00:29Reported by [email protected]Type

ParseDsdiffHeaderConfig function in WavPack 5.1.0 allows remote attackers to cause denial-of-service or heap overwrite via crafted DSDIFF file

Reporter	Title	Published	Views	Family All 49
Cvelist	CVE-2018-7253	19 Feb 201823:00	–	cvelist
OSV	CVE-2018-7253	19 Feb 201823:29	–	osv
OSV	wavpack - security update	27 Feb 201800:00	–	osv
OSV	OPENSUSE-SU-2024:11505-1 libwavpack1-32bit-5.4.0-1.6 on GA media	15 Jun 202400:00	–	osv
Prion	Heap overflow	19 Feb 201823:29	–	prion
UbuntuCve	CVE-2018-7253	19 Feb 201800:00	–	ubuntucve
RedhatCVE	CVE-2018-7253	21 Feb 201820:19	–	redhatcve
Veracode	Arbitrary Code Execution	10 May 202023:27	–	veracode
CVE	CVE-2018-7253	19 Feb 201823:29	–	cve
Debian CVE	CVE-2018-7253	19 Feb 201823:29	–	debiancve

Nvd

Node

wavpack wavpackMatch5.1.0

Node

debian debian_linuxMatch9.0

Node

canonical ubuntu_linuxMatch17.10

Source	Link
debian	www.debian.org/security/2018/dsa-4125
bugs	www.bugs.debian.org/cgi-bin/bugreport.cgi
seclists	www.seclists.org/bugtraq/2019/Dec/37
github	www.github.com/dbry/WavPack/commit/36a24c7881427d2e1e4dc1cef58f19eee0d13aec
github	www.github.com/dbry/WavPack/issues/28
usn	www.usn.ubuntu.com/3578-1/
packetstormsecurity	www.packetstormsecurity.com/files/155743/Slackware-Security-Advisory-wavpack-Updates.html

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

19 Feb 2018 23:29Current

7.8High risk

Vulners AI Score7.8

CVSS26.8

CVSS37.8

EPSS0.00412

CWE-125