35 matches found
EUVD-2018-2611
Malware in sbrugna...
EUVD-2018-18991
Malware in sbrugna...
SUSE CVE-2018-7253
The ParseDsdiffHeaderConfig function of the cli/dsdiff.c file of WavPack 5.1.0 allows a remote attacker to cause a denial-of-service heap-based buffer over-read or possibly overwrite the heap via a maliciously crafted DSDIFF file...
SUSE CVE-2018-10539
An issue was discovered in WavPack 5.1.0 and earlier for DSDiff input. Out-of-bounds writes can occur because ParseDsdiffHeaderConfig in dsdiff.c does not validate the sizes of unknown chunks before attempting memory allocation, related to a lack of integer-overflow protection within a bytestocop...
SUSE CVE-2019-1010315
WavPack 5.1 and earlier is affected by: CWE 369: Divide by Zero. The impact is: Divide by zero can lead to sudden crash of a software/service that tries to parse a .wav file. The component is: ParseDsdiffHeaderConfig dsdiff.c:282. The attack vector is: Maliciously crafted .wav file. The fixed...
Arbitrary Code Execution
wavpack is vulnerable to arbitrary code execution. A heap-based buffer over-read in the ParseDsdiffHeaderConfig function in cli/dsdiff.c allows a remote attacker to execute arbitrary code on the system or cause a denial-of-service via a malicious DSDIFF file...
DEBIAN-CVE-2019-1010315
WavPack 5.1 and earlier is affected by: CWE 369: Divide by Zero. The impact is: Divide by zero can lead to sudden crash of a software/service that tries to parse a .wav file. The component is: ParseDsdiffHeaderConfig dsdiff.c:282. The attack vector is: Maliciously crafted .wav file. The fixed...
UBUNTU-CVE-2019-1010315
WavPack 5.1 and earlier is affected by: CWE 369: Divide by Zero. The impact is: Divide by zero can lead to sudden crash of a software/service that tries to parse a .wav file. The component is: ParseDsdiffHeaderConfig dsdiff.c:282. The attack vector is: Maliciously crafted .wav file. The fixed...
Updated wavpack packages fix security vulnerabilities
Joonun Jang discovered that WavPack incorrectly handled certain RF64 files. An attacker could possibly use this to cause a denial of service CVE-2018-6767. It was discovered that WavPack incorrectly handled certain DSDIFF files. An attacker could possibly use this to execute arbitrary code or cau...
MGASA-2019-0045 Updated wavpack packages fix security vulnerabilities
Joonun Jang discovered that WavPack incorrectly handled certain RF64 files. An attacker could possibly use this to cause a denial of service CVE-2018-6767. It was discovered that WavPack incorrectly handled certain DSDIFF files. An attacker could possibly use this to execute arbitrary code or cau...
Ubuntu: Security Advisory (USN-3578-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2018-10539
An issue was discovered in WavPack 5.1.0 and earlier for DSDiff input. Out-of-bounds writes can occur because ParseDsdiffHeaderConfig in dsdiff.c does not validate the sizes of unknown chunks before attempting memory allocation, related to a lack of integer-overflow protection within a bytestocop...
Integer overflow
An issue was discovered in WavPack 5.1.0 and earlier for DSDiff input. Out-of-bounds writes can occur because ParseDsdiffHeaderConfig in dsdiff.c does not validate the sizes of unknown chunks before attempting memory allocation, related to a lack of integer-overflow protection within a bytestocop...
ALPINE-CVE-2018-10539
An issue was discovered in WavPack 5.1.0 and earlier for DSDiff input. Out-of-bounds writes can occur because ParseDsdiffHeaderConfig in dsdiff.c does not validate the sizes of unknown chunks before attempting memory allocation, related to a lack of integer-overflow protection within a bytestocop...
CVE-2018-10539
An issue was discovered in WavPack 5.1.0 and earlier for DSDiff input. Out-of-bounds writes can occur because ParseDsdiffHeaderConfig in dsdiff.c does not validate the sizes of unknown chunks before attempting memory allocation, related to a lack of integer-overflow protection within a bytestocop...
CVE-2018-10539
An issue was discovered in WavPack 5.1.0 and earlier for DSDiff input. Out-of-bounds writes can occur because ParseDsdiffHeaderConfig in dsdiff.c does not validate the sizes of unknown chunks before attempting memory allocation, related to a lack of integer-overflow protection within a bytestocop...
DEBIAN-CVE-2018-10539
An issue was discovered in WavPack 5.1.0 and earlier for DSDiff input. Out-of-bounds writes can occur because ParseDsdiffHeaderConfig in dsdiff.c does not validate the sizes of unknown chunks before attempting memory allocation, related to a lack of integer-overflow protection within a bytestocop...
CVE-2018-10539
CVE-2018-10539 affects WavPack 5.1.0 and earlier for DSDiff input. The vulnerability stems from ParseDsdiffHeaderConfig not validating unknown chunk sizes before memory allocation, with lack of integer-overflow protection in a bytes_to_copy calculation leading to insufficient allocation and poten...
CVE-2018-10539
An issue was discovered in WavPack 5.1.0 and earlier for DSDiff input. Out-of-bounds writes can occur because ParseDsdiffHeaderConfig in dsdiff.c does not validate the sizes of unknown chunks before attempting memory allocation, related to a lack of integer-overflow protection within a bytestocop...
CVE-2018-10539
An issue was discovered in WavPack 5.1.0 and earlier for DSDiff input. Out-of-bounds writes can occur because ParseDsdiffHeaderConfig in dsdiff.c does not validate the sizes of unknown chunks before attempting memory allocation, related to a lack of integer-overflow protection within a bytestocop...