18 matches found
Mageia: Security Advisory (MGASA-2019-0045)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2021:0186-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Slackware 14.0 / 14.1 / 14.2 / current : wavpack (SSA:2019-353-01)
New wavpack packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2019-353-01. The text itself is copyright C Slackware...
Updated wavpack packages fix security vulnerabilities
Joonun Jang discovered that WavPack incorrectly handled certain RF64 files. An attacker could possibly use this to cause a denial of service CVE-2018-6767. It was discovered that WavPack incorrectly handled certain DSDIFF files. An attacker could possibly use this to execute arbitrary code or cau...
Fedora Update for mingw-wavpack FEDORA-2018-023baab00f
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 26 : mingw-wavpack (2018-5950093e69)
Security fix for CVE-2018-6767, CVE-2018-7253, and CVE-2018-7254 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing...
Fedora 27 : mingw-wavpack (2018-023baab00f)
Security fix for CVE-2018-6767, CVE-2018-7253, and CVE-2018-7254 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing...
[SECURITY] [DSA 4125-1] wavpack security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4125-1 [email protected] https://www.debian.org/security/ Sebastien Delafond February 27, 2018 https://www.debian.org/security/faq -...
Wavpack 5.1.0 Denial Of Service
Exploit title: Wavpack 5.1.0 - Denial of Service Date: 20.02.2018 Exploit Author: r4xis https://github.com/r4xis Vendor Homepage: http://www.wavpack.com/ Software Links: http://www.wavpack.com/downloads.html https://github.com/dbry/WavPack Version: Wavpack 5.1.0 Tested on: Debian 9.3.0 64 bit...
Ubuntu 17.10 : wavpack vulnerabilities (USN-3578-1)
It was discovered that WavPack incorrectly handled certain DSDIFF files. An attacker could possibly use this to execute arbitrary code or cause a denial of service. CVE-2018-7253 It was discovered that WavPack incorrectly handled certain CAF files. An attacker could possibly use this to cause a...
[ASA-201802-12] wavpack: arbitrary code execution
Arch Linux Security Advisory ASA-201802-12 ========================================== Severity: High Date : 2018-02-23 CVE-ID : CVE-2018-6767 CVE-2018-7253 CVE-2018-7254 Package : wavpack Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-631 Summary ======= Th...
USN-3578-1: WavPack vulnerabilities
It was discovered that WavPack incorrectly handled certain DSDIFF files. An attacker could possibly use this to execute arbitrary code or cause a denial of service. CVE-2018-7253 It was discovered that WavPack incorrectly handled certain CAF files. An attacker could possibly use this to cause a...
CVE-2018-7254
An out-of-bounds read flaw was found in the way WavPack handled processing of CAF Core Audio Format files. An attacker could potentially use this flaw to crash WavPack by tricking it into processing crafted CAF files...
Wavpack 5.1.0 - Denial of Service
Exploit title: Wavpack 5.1.0 - Denial of Service Date: 20.02.2018 Exploit Author: r4xis https://github.com/r4xis Vendor Homepage: http://www.wavpack.com/ Software Links: http://www.wavpack.com/downloads.html https://github.com/dbry/WavPack Version: Wavpack 5.1.0 Tested on: Debian 9.3.0 64 bit...
Wavpack 5.1.0 - Denial of Service Exploit
Exploit for multiple platform in category dos / poc Exploit title: Wavpack 5.1.0 - Denial of Service Date: 20.02.2018 Exploit Author: r4xis https://github.com/r4xis Vendor Homepage: http://www.wavpack.com/ Software Links: http://www.wavpack.com/downloads.html https://github.com/dbry/WavPack...
Wavpack 5.1.0 - Denial of Service
Wavpack 5.1.0 - Denial of Service Exploit title: Wavpack 5.1.0 - Denial of Service Date: 20.02.2018 Exploit Author: r4xis https://github.com/r4xis Vendor Homepage: http://www.wavpack.com/ Software Links: http://www.wavpack.com/downloads.html https://github.com/dbry/WavPack Version: Wavpack 5.1.0...
CVE-2018-7254
WavPack 5.1.0 is affected by multiple header parsing weaknesses in the CLI parsers. Specifically, ParseRiffHeaderConfig (riff.c), ParseDsdiffHeaderConfig (dsdiff.c), and ParseCaffHeaderConfig (caff.c) can mis-handle unknown or malformed chunk data, leading to remote-denial-of-service via buffer o...
CVE-2018-7254
The ParseCaffHeaderConfig function of the cli/caff.c file of WavPack 5.1.0 allows a remote attacker to cause a denial-of-service global buffer over-read, or possibly trigger a buffer overflow or incorrect memory allocation, via a maliciously crafted CAF file...