Lucene search

K

PRIOn knowledge basePRION:CVE-2018-10536

HistoryApr 29, 2018 - 3:29 p.m.

Design/Logic Flaw

2018-04-2915:29:00

PRIOn knowledge base

www.prio-n.com

7

AI Score

7.2

Confidence

High

EPSS

0.003

Percentile

70.7%

An issue was discovered in WavPack 5.1.0 and earlier. The WAV parser component contains a vulnerability that allows writing to memory because ParseRiffHeaderConfig in riff.c does not reject multiple format chunks.

References

packetstormsecurity.com/files/155743/Slackware-Security-Advisory-wavpack-Updates.html

github.com/dbry/WavPack/commit/26cb47f99d481ad9b93eeff80d26e6b63bbd7e15

github.com/dbry/WavPack/issues/30

github.com/dbry/WavPack/issues/31

github.com/dbry/WavPack/issues/32

lists.fedoraproject.org/archives/list/[email protected]/message/6CFFFWIWALGQPKINRDW3PRGRD5LOLGZA/

lists.fedoraproject.org/archives/list/[email protected]/message/BRWQNE3TH5UF64IKHKKHVCHJHUOVKJUH/

seclists.org/bugtraq/2019/Dec/37

usn.ubuntu.com/3637-1/

www.debian.org/security/2018/dsa-4197

AI Score

7.2

Confidence

High

EPSS

0.003

Percentile

70.7%

Related for PRION:CVE-2018-10536

nvd1 ubuntucve1 veracode1 redhatcve1 cvelist1 cve1 debiancve1 alpinelinux1 osv2 fedora7 openvas14 nessus15 debian1 ubuntu1 freebsd1 slackware1 mageia1 suse2 rosalinux1