WavPack out-of-bounds write vulnerability (CNVD-2018-10101)
WavPack is an open source, free audio lossless compression software. A security vulnerability exists in WavPack 5.1.0 and earlier versions, which stems from a failure of the 'ParseRiffHeaderConfig' function in the riff.c file to verify the size of a block before allocating memory. An attacker cou...