The vulnerability of the WavpackSetConfiguration64 function in the packUtils.c component of the WavPack audio codec allows a hacker to trigger a service failure by accessing an uninitialized pointer.

The vulnerability of the WavPack audio codec relates to the access to an uninitialized pointer. Exploiting this vulnerability allows a remote attacker to trigger a service failure using a DFF file without proper frequency information...

USN-4682-1: WavPack vulnerability

It was discovered that WavPack incorrectly handled certain WAV files. An attacker could possibly use this issue to execute arbitrary code or cause a crash...