Lucene search
Veracode Vulnerability DatabaseVERACODE:25305HistoryMay 10, 2020 - 11:25 p.m.
Arbitrary Code Execution
2020-05-1023:25:07
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
14
EPSS
0.003
Percentile
70.7%
wavpack is vulnerable to arbitrary code execution. The vulnerability exists as the WAV parser component contains a vulnerability that allows writing to memory because ParseRiffHeaderConfig in riff.c does not reject multiple format chunks.
References
packetstormsecurity.com/files/155743/Slackware-Security-Advisory-wavpack-Updates.html
github.com/dbry/WavPack/commit/26cb47f99d481ad9b93eeff80d26e6b63bbd7e15
github.com/dbry/WavPack/issues/30
github.com/dbry/WavPack/issues/31
github.com/dbry/WavPack/issues/32
seclists.org/bugtraq/2019/Dec/37
usn.ubuntu.com/3637-1/
www.debian.org/security/2018/dsa-4197
Related
nvd
nvd
CVE-2018-10536
2018-04-29 15:29:00
ubuntucve
ubuntucve
CVE-2018-10536
2018-04-29 00:00:00
redhatcve
redhatcve
CVE-2018-10536
2018-05-03 21:48:40
cvelist
cvelist
CVE-2018-10536
2018-04-29 15:00:00
cve
cve
CVE-2018-10536
2018-04-29 15:29:00
prion
prion
Design/Logic Flaw
2018-04-29 15:29:00
debiancve
debiancve
CVE-2018-10536
2018-04-29 15:29:00
alpinelinux
alpinelinux
CVE-2018-10536
2018-04-29 15:29:00
osv
osv
CVE-2018-10536
2018-04-29 15:29:00
wavpack - security update
2018-05-09 00:00:00
fedora
fedora
[SECURITY] Fedora 32 Update: mingw-wavpack-5.4.0-1.fc32
2021-02-24 20:46:53
[SECURITY] Fedora 33 Update: mingw-wavpack-5.4.0-1.fc33
2021-02-24 20:42:30
[SECURITY] Fedora 28 Update: wavpack-5.1.0-8.fc28
2018-05-26 20:47:16
openvas
openvas
Fedora: Security Advisory for mingw-wavpack (FEDORA-2021-b7826fcedf)
2021-02-25 00:00:00
Fedora: Security Advisory for mingw-wavpack (FEDORA-2021-2e2fc2eac6)
2021-02-25 00:00:00
Ubuntu: Security Advisory (USN-3637-1)
2018-10-26 00:00:00
nessus
nessus
RHEL 7 : wavpack (Unpatched Vulnerability)
2024-06-03 00:00:00
RHEL 6 : wavpack (Unpatched Vulnerability)
2024-06-03 00:00:00
Fedora 28 : wavpack (2018-17a97bb25b)
2019-01-03 00:00:00
debian
debian
[SECURITY] [DSA 4197-1] wavpack security updaze
2018-05-09 18:24:39
ubuntu
ubuntu
WavPack vulnerabilities
2018-04-30 00:00:00
freebsd
freebsd
wavpack -- multiple vulnerabilities
2018-05-09 00:00:00
slackware
slackware
[slackware-security] wavpack
2019-12-19 23:44:00
mageia
mageia
Updated wavpack packages fix security vulnerabilities
2019-01-23 18:50:09
suse
suse
Security update for wavpack (moderate)
2021-01-24 00:00:00
Security update for wavpack (moderate)
2021-01-24 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1995
2021-07-02 18:19:37