35 matches found
CVE-2018-10539
An issue was discovered in WavPack 5.1.0 and earlier for DSDiff input. Out-of-bounds writes can occur because ParseDsdiffHeaderConfig in dsdiff.c does not validate the sizes of unknown chunks before attempting memory allocation, related to a lack of integer-overflow protection within a bytestocop...
CVE-2018-10539
An issue was discovered in WavPack 5.1.0 and earlier for DSDiff input. Out-of-bounds writes can occur because ParseDsdiffHeaderConfig in dsdiff.c does not validate the sizes of unknown chunks before attempting memory allocation, related to a lack of integer-overflow protection within a bytestocop...
PT-2018-9953 · Wavpack +3 · Wavpack +3
Name of the Vulnerable Software and Affected Versions: WavPack versions 5.1.0 and earlier Description: An issue was discovered related to DSDiff input, where out-of-bounds writes can occur due to a lack of validation of unknown chunk sizes in the ParseDsdiffHeaderConfig function. This is caused b...
Ubuntu 17.10 : wavpack vulnerabilities (USN-3578-1)
It was discovered that WavPack incorrectly handled certain DSDIFF files. An attacker could possibly use this to execute arbitrary code or cause a denial of service. CVE-2018-7253 It was discovered that WavPack incorrectly handled certain CAF files. An attacker could possibly use this to cause a...
USN-3578-1: WavPack vulnerabilities
It was discovered that WavPack incorrectly handled certain DSDIFF files. An attacker could possibly use this to execute arbitrary code or cause a denial of service. CVE-2018-7253 It was discovered that WavPack incorrectly handled certain CAF files. An attacker could possibly use this to cause a...
WavPack ParseDsdiffHeaderConfig Function Denial of Service Vulnerability
WavPack is a free, open-source lossless audio compression format developed by David Bryant, with a .wv file extension. A denial of service vulnerability exists in the ParseDsdiffHeaderConfig function of the cli/dsdiff.c file in WavPack 5.1.0. A remote attacker can exploit this vulnerability via a...
CVE-2018-7253
The ParseDsdiffHeaderConfig function of the cli/dsdiff.c file of WavPack 5.1.0 allows a remote attacker to cause a denial-of-service heap-based buffer over-read or possibly overwrite the heap via a maliciously crafted DSDIFF file...
CVE-2018-7253
The ParseDsdiffHeaderConfig function of the cli/dsdiff.c file of WavPack 5.1.0 allows a remote attacker to cause a denial-of-service heap-based buffer over-read or possibly overwrite the heap via a maliciously crafted DSDIFF file...
DEBIAN-CVE-2018-7253
The ParseDsdiffHeaderConfig function of the cli/dsdiff.c file of WavPack 5.1.0 allows a remote attacker to cause a denial-of-service heap-based buffer over-read or possibly overwrite the heap via a maliciously crafted DSDIFF file...
Heap overflow
The ParseDsdiffHeaderConfig function of the cli/dsdiff.c file of WavPack 5.1.0 allows a remote attacker to cause a denial-of-service heap-based buffer over-read or possibly overwrite the heap via a maliciously crafted DSDIFF file...
ALPINE-CVE-2018-7253
The ParseDsdiffHeaderConfig function of the cli/dsdiff.c file of WavPack 5.1.0 allows a remote attacker to cause a denial-of-service heap-based buffer over-read or possibly overwrite the heap via a maliciously crafted DSDIFF file...
CVE-2018-7253
The ParseDsdiffHeaderConfig function of the cli/dsdiff.c file of WavPack 5.1.0 allows a remote attacker to cause a denial-of-service heap-based buffer over-read or possibly overwrite the heap via a maliciously crafted DSDIFF file...
CVE-2018-7253
The ParseDsdiffHeaderConfig function of the cli/dsdiff.c file of WavPack 5.1.0 allows a remote attacker to cause a denial-of-service heap-based buffer over-read or possibly overwrite the heap via a maliciously crafted DSDIFF file...
CVE-2018-7253
The ParseDsdiffHeaderConfig function of the cli/dsdiff.c file of WavPack 5.1.0 allows a remote attacker to cause a denial-of-service heap-based buffer over-read or possibly overwrite the heap via a maliciously crafted DSDIFF file...
CVE-2018-7253
The ParseDsdiffHeaderConfig function of the cli/dsdiff.c file of WavPack 5.1.0 allows a remote attacker to cause a denial-of-service heap-based buffer over-read or possibly overwrite the heap via a maliciously crafted DSDIFF file...