CVE-2022-28488

The function wavformatwrite in libwav.c in libwav through 2017-04-20 has an Use of Uninitialized Variable vulnerability...

CVE-2022-28488

The function wavformatwrite in libwav.c in libwav through 2017-04-20 has an Use of Uninitialized Variable vulnerability...

CVE-2022-24792 Potential infinite loop when parsing WAV format file in PJSIP

PJSIP is a free and open source multimedia communication library written in C. A denial-of-service vulnerability affects applications on a 32-bit systems that use PJSIP versions 2.12 and prior to play/read invalid WAV files. The vulnerability occurs when reading WAV file data chunks with length...

SAyHello - Capturing Audio (.Wav) From Target Using A Link

Capturing audio .wav from target using a link How it works? After the user grants microphone permissions, a website redirect button of your choice is released to distract the target while small audio files about 4 seconds in wav format are sent to the attacker. It uses Recorderjs, plugin for...

Memory Corruption Vulnerability in DCCE HMIware at Dalian Polytechnic Computer Control Engineering Co.

DCCE HMIware configuration editing software, is a special human-machine interface configuration software developed for DCCE touch screen, the software provides users with a powerful integrated development environment, the product is widely used in the field of medical, chemical, electric power,...

Heap overflow

ok-file-formats through 2018-10-16 has a heap-based buffer overflow in the okwavdecodemsadpcmdata function in okwav.c...

Security update for python (moderate)

This update for python fixes the following issues: The following security vulnerabilities were addressed: - Add a check to Lib/wave.py that verifies that at least one channel is provided. Prior to this, attackers could cause a denial of service via a crafted wav format audio file. bsc1083507,...

SUSE SLES11 Security Update : python (SUSE-SU-2018:1786-1)

This update for python fixes the following issues: The following security vulnerabilities were addressed : - Add a check to Lib/wave.py that verifies that at least one channel is provided. Prior to this, attackers could cause a denial of service via a crafted wav format audio file. bsc1083507,...

Design/Logic Flaw

DISPUTED The Waveread.readfmtchunk function in Lib/wave.py in Python through 3.6.4 does not ensure a nonzero channel value, which allows attackers to cause a denial of service divide-by-zero and exception via a crafted wav format audio file. NOTE: the vendor disputes this issue because Python...

DEBIAN-CVE-2017-16942

In libsndfile 1.0.25 fixed in 1.0.26, a divide-by-zero error exists in the function wavw64readfmtchunk in wavw64.c, which may lead to DoS when playing a crafted audio file...

PotPlayer-1.5.42509-Beta

Exploit Title:PotPlayer 1.5.42509 Beta - DOSInteger Division by Zero Author: sajith version: PotPlayer 1.5.42509 Beta Vendor Homepage: http://daumpotplayer.com/ Tested in: Windows XP SP3 rawinput"Hit Enter to create a malicious file" f = open"victim.wav","w"...

Firefox ESR 24.x < 24.4 Multiple Vulnerabilities (Mac OS X)

The installed version of Firefox ESR 24.x is prior to 24.4 and is, therefore, potentially affected by the following vulnerabilities : - Memory issues exist that could lead to arbitrary code execution. CVE-2014-1493, CVE-2014-1494 - A flaw exists in the checkHandshake function due to improper...

Crash during WAV audio file decoding — Mozilla

Security researcher Aki Helin from OUSPG used the Address Sanitizer tool to discover a crash during the decoding of WAV format audio files in some instances. This crash is not exploitable but could be used for a denial of service DOS attack by malicious parties...

RealNetworks RealPlayer WAV File Processing Code Execution (CVE-2005-0611)

A flaw exists in the way RealPlayer processes files encoded using the WAVE format. The vulnerability occurs when RealPlayer attempts to parse a crafted WAV file with an incorrect LIST chunk. An attacker can exploit this vulnerability to inject and execute arbitrary code with the privileges of the...

RealNetworks RealPlayer WAV File Processing Buffer Overflow (CVE-2005-0611)

RealPlayer is a media player developed by RealNetworks, Inc. The application is capable of playing back numerous formats of multimedia files. The WAV format is one of the supported audio formats. RealPlayer uses a plugin library audplin.dll to parse WAV files. A flaw exists in the way RealPlayer...