22 matches found
Astra Linux - уязвимость в wavpack
WavPack 5.1.0 and earlier is affected by: CWE-457: Use of Uninitialized Variables. The impact includes unexpected control flow, crashes, and segfaults. The affected component is ParseCaffHeaderConfig caff.c:486. The attack vector is a maliciously crafted .wav file. The fixed version is after the...
The vulnerability of the ParseCaffHeaderConfig function in the caff.c component of the WavPack audio codec allows a hacker to cause a service failure. This vulnerability stems from the use of uninitialized variables, which can be exploited by attackers.
The vulnerability of the ParseCaffHeaderConfig function in the caff.c component of the WavPack audio codec is related to the use of previously uninitialized variables. Exploiting this vulnerability allows a remote attacker to trigger a service failure using a malicious .wav file...
Arbitrary Code Execution
wavpack is vulnerable to arbitrary code execution. A buffer overflow in the ParseCaffHeaderConfig function in cli/caff.c allows a remote attacker to execute arbitrary code via a malicious CAF file...
Denial Of Service (DoS)
wavpack is vulnerable to denial of service DoS. The vulnerability exists through the use of uninitialized variable in ParseCaffHeaderConfig leads to DoS...
wavpack: Use of uninitialized variable in ParseCaffHeaderConfig leads to DoS
WavPack 5.1.0 and earlier is affected by: CWE-457: Use of Uninitialized Variable. The impact is: Unexpected control flow, crashes, and segfaults. The component is: ParseCaffHeaderConfig caff.c:486. The attack vector is: Maliciously crafted .wav file. The fixed version is: After commit...
EulerOS 2.0 SP8 : wavpack (EulerOS-SA-2019-2095)
According to the versions of the wavpack package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - WavPack 5.1.0 and earlier is affected by: CWE-457: Use of Uninitialized Variable. The impact is: Unexpected control flow, crashes, and segfaults...
CVE-2019-1010317
WavPack 5.1.0 and earlier is affected by: CWE-457: Use of Uninitialized Variable. The impact is: Unexpected control flow, crashes, and segfaults. The component is: ParseCaffHeaderConfig caff.c:486. The attack vector is: Maliciously crafted .wav file. The fixed version is: After commit...
CVE-2019-1010317
WavPack 5.1.0 and earlier is affected by: CWE-457: Use of Uninitialized Variable. The impact is: Unexpected control flow, crashes, and segfaults. The component is: ParseCaffHeaderConfig caff.c:486. The attack vector is: Maliciously crafted .wav file. The fixed version is: After commit...
CVE-2019-1010317
WavPack 5.1.0 and earlier is affected by: CWE-457: Use of Uninitialized Variable. The impact is: Unexpected control flow, crashes, and segfaults. The component is: ParseCaffHeaderConfig caff.c:486. The attack vector is: Maliciously crafted .wav file. The fixed version is: After commit...
CVE-2019-1010317
CVE-2019-1010317 affects WavPack 5.1.0 and earlier. Root cause: use of an uninitialized variable in ParseCaffHeaderConfig (caff.c:486). Attack: malformed WAV files could trigger unexpected control flow, crashes or segfaults (DoS). Fixed version released after commit f68a9555b548306c5b1ee45199ccdc...
CVE-2019-1010317
WavPack 5.1.0 and earlier is affected by: CWE-457: Use of Uninitialized Variable. The impact is: Unexpected control flow, crashes, and segfaults. The component is: ParseCaffHeaderConfig caff.c:486. The attack vector is: Maliciously crafted .wav file. The fixed version is: After commit...
CVE-2019-1010317
WavPack 5.1.0 and earlier is affected by: CWE-457: Use of Uninitialized Variable. The impact is: Unexpected control flow, crashes, and segfaults. The component is: ParseCaffHeaderConfig caff.c:486. The attack vector is: Maliciously crafted .wav file. The fixed version is: After commit...
CVE-2019-1010317
WavPack 5.1.0 and earlier is affected by: CWE-457: Use of Uninitialized Variable. The impact is: Unexpected control flow, crashes, and segfaults. The component is: ParseCaffHeaderConfig caff.c:486. The attack vector is: Maliciously crafted .wav file. The fixed version is: After commit...
CVE-2019-1010317
WavPack 5.1.0 and earlier is affected by: CWE-457: Use of Uninitialized Variable. The impact is: Unexpected control flow, crashes, and segfaults. The component is: ParseCaffHeaderConfig caff.c:486. The attack vector is: Maliciously crafted .wav file. The fixed version is: After commit...
UBUNTU-CVE-2019-1010317
WavPack 5.1.0 and earlier is affected by: CWE-457: Use of Uninitialized Variable. The impact is: Unexpected control flow, crashes, and segfaults. The component is: ParseCaffHeaderConfig caff.c:486. The attack vector is: Maliciously crafted .wav file. The fixed version is: After commit...
WavPack ParseCaffHeaderConfig Function Denial of Service Vulnerability
WavPack is a free, open-source lossless audio compression format developed by David Bryant, with a .wv file extension. A denial of service vulnerability exists in the ParseCaffHeaderConfig function of the cli/caff.c file in WavPack 5.1.0. This allows remote attackers to exploit the vulnerability ...
Buffer overflow
The ParseCaffHeaderConfig function of the cli/caff.c file of WavPack 5.1.0 allows a remote attacker to cause a denial-of-service global buffer over-read, or possibly trigger a buffer overflow or incorrect memory allocation, via a maliciously crafted CAF file...
CVE-2018-7254
The ParseCaffHeaderConfig function of the cli/caff.c file of WavPack 5.1.0 allows a remote attacker to cause a denial-of-service global buffer over-read, or possibly trigger a buffer overflow or incorrect memory allocation, via a maliciously crafted CAF file...
CVE-2018-7254
The ParseCaffHeaderConfig function of the cli/caff.c file of WavPack 5.1.0 allows a remote attacker to cause a denial-of-service global buffer over-read, or possibly trigger a buffer overflow or incorrect memory allocation, via a maliciously crafted CAF file...
CVE-2018-7254
The ParseCaffHeaderConfig function of the cli/caff.c file of WavPack 5.1.0 allows a remote attacker to cause a denial-of-service global buffer over-read, or possibly trigger a buffer overflow or incorrect memory allocation, via a maliciously crafted CAF file...