WavPack Memory Write Vulnerability

WavPack is an open source, free audio lossless compression software. A security vulnerability exists in WavPack 5.1.0 and earlier versions, which originates from the 'ParseRiffHeaderConfig' function in the riff.c file receiving multiple format chunks, and can be exploited by an attacker to perfor...

WavPack out-of-bounds write vulnerability (CNVD-2018-10101)

WavPack is an open source, free audio lossless compression software. A security vulnerability exists in WavPack 5.1.0 and earlier versions, which stems from a failure of the 'ParseRiffHeaderConfig' function in the riff.c file to verify the size of a block before allocating memory. An attacker cou...

ALPINE-CVE-2018-10538

An issue was discovered in WavPack 5.1.0 and earlier for WAV input. Out-of-bounds writes can occur because ParseRiffHeaderConfig in riff.c does not validate the sizes of unknown chunks before attempting memory allocation, related to a lack of integer-overflow protection within a bytestocopy...

PT-2018-9950 · Wavpack +3 · Wavpack +3

Name of the Vulnerable Software and Affected Versions: WavPack versions 5.1.0 and earlier Description: A issue in the WAV parser component allows writing to memory due to the ParseRiffHeaderConfig function in riff.c not rejecting multiple format chunks. Recommendations: For versions 5.1.0 and...

WavPack Read Across Boundaries Vulnerability

WavPack is an open source, free audio lossless compression software. An out-of-bounds read vulnerability exists in the 'ParseRiffHeaderConfig' function of the cli/riff.c file in WavPack version 5.1.0. A remote attacker can exploit this vulnerability to cause a denial of service via a maliciously...

DEBIAN-CVE-2018-6767

A stack-based buffer over-read in the ParseRiffHeaderConfig function of cli/riff.c file of WavPack 5.1.0 allows a remote attacker to cause a denial-of-service attack or possibly have unspecified other impact via a maliciously crafted RF64 file...

linux/x86 execve(/bin/sh) + RIFF Header 28 bytes

Exploit for linux/x86 platform in category shellcode ================================================ linux/x86 execve/bin/sh + RIFF Header 28 bytes ================================================ / linux/x86 - execve"/bin/sh", "/bin/sh", NULL + RIFF Header - 28 bytes email protected: file...

linux/x86 execve(/bin/sh) + RIFF Header 28 bytes

No description provided by source. / linux/x86 - execve"/bin/sh", "/bin/sh", NULL + RIFF Header - 28 bytes root@magicbox: file linux-sh-riffhdr.bin linux-sh-riffhdr.bin: RIFF little-endian data - izik [email protected] / char shellcode = // // RIFF Header 5 bytes // "\x52" // push %edx "\x49" // dec...

linux/x86 - execve/bin/sh + RIFF Header 28 bytes

linux/x86 execve/bin/sh + RIFF Header 28 bytes. Shellcode exploit for linx86 platform / linux/x86 - execve"/bin/sh", "/bin/sh", NULL + RIFF Header - 28 bytes root@magicbox: file linux-sh-riffhdr.bin linux-sh-riffhdr.bin: RIFF little-endian data - izik / char shellcode = // // RIFF Header 5 bytes ...