Mageia: Security Advisory (MGASA-2019-0045)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2021:0186-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Slackware 14.0 / 14.1 / 14.2 / current : wavpack (SSA:2019-353-01)

New wavpack packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2019-353-01. The text itself is copyright C Slackware...

Updated wavpack packages fix security vulnerabilities

Joonun Jang discovered that WavPack incorrectly handled certain RF64 files. An attacker could possibly use this to cause a denial of service CVE-2018-6767. It was discovered that WavPack incorrectly handled certain DSDIFF files. An attacker could possibly use this to execute arbitrary code or cau...

Fedora Update for mingw-wavpack FEDORA-2018-023baab00f

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 26 : wavpack (2018-d94e205df8)

CVE-2018-6767 - CVE-2018-7253 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300...

Fedora 27 : mingw-wavpack (2018-023baab00f)

Security fix for CVE-2018-6767, CVE-2018-7253, and CVE-2018-7254 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing...

Fedora 26 : mingw-wavpack (2018-5950093e69)

Security fix for CVE-2018-6767, CVE-2018-7253, and CVE-2018-7254 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing...

Fedora Update for wavpack FEDORA-2018-3ba1be2e79

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DSA 4125-1] wavpack security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4125-1 [email protected] https://www.debian.org/security/ Sebastien Delafond February 27, 2018 https://www.debian.org/security/faq -...

[ASA-201802-12] wavpack: arbitrary code execution

Arch Linux Security Advisory ASA-201802-12 ========================================== Severity: High Date : 2018-02-23 CVE-ID : CVE-2018-6767 CVE-2018-7253 CVE-2018-7254 Package : wavpack Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-631 Summary ======= Th...

Ubuntu 17.10 : wavpack vulnerabilities (USN-3578-1)

It was discovered that WavPack incorrectly handled certain DSDIFF files. An attacker could possibly use this to execute arbitrary code or cause a denial of service. CVE-2018-7253 It was discovered that WavPack incorrectly handled certain CAF files. An attacker could possibly use this to cause a...

USN-3578-1: WavPack vulnerabilities

It was discovered that WavPack incorrectly handled certain DSDIFF files. An attacker could possibly use this to execute arbitrary code or cause a denial of service. CVE-2018-7253 It was discovered that WavPack incorrectly handled certain CAF files. An attacker could possibly use this to cause a...

CVE-2018-7253

An out-of-bounds heap read flaw was found in the way WavPack handled processing of DSD files. An attacker could potentially use this flaw to crash WavPack by tricking it into processing crafted DSD files...

CVE-2018-7253

CVE-2018-7253 affects WavPack 5.1.0, where ParseDsdiffHeaderConfig (cli/dsdiff.c) can cause a heap-based buffer over-read and possibly heap overwrite via a malicious DSDIFF file, leading to denial of service. The issue is confirmed in multiple advisories (e.g., Debian DSA entries) and FreeBSD/vux...