2 matches found
WavPack out-of-bounds write vulnerability (CNVD-2018-10101)
WavPack is an open source, free audio lossless compression software. A security vulnerability exists in WavPack 5.1.0 and earlier versions, which stems from a failure of the 'ParseRiffHeaderConfig' function in the riff.c file to verify the size of a block before allocating memory. An attacker cou...
WavPack Read Across Boundaries Vulnerability
WavPack is an open source, free audio lossless compression software. An out-of-bounds read vulnerability exists in the 'ParseRiffHeaderConfig' function of the cli/riff.c file in WavPack version 5.1.0. A remote attacker can exploit this vulnerability to cause a denial of service via a maliciously...