CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2018-10536
https://notcve.org/view.php?id=CVE-2018-10536
An issue was discovered in WavPack 5.1.0 and earlier. The WAV parser component contains a vulnerability that allows writing to memory because ParseRiffHeaderConfig in riff.c does not reject multiple format chunks. Se ha descubierto un problema en WavPack 5.1.0 y anteriores. El componente de analizador WAV contiene una vulnerabilidad que permite la escritura en la memoria debido a que ParseRiffHeaderConfig en riff.c no rechaza múltiples fragmentos de formato. • http://packetstormsecurity.com/files/155743/Slackware-Security-Advisory-wavpack-Updates.html https://github.com/dbry/WavPack/commit/26cb47f99d481ad9b93eeff80d26e6b63bbd7e15 https://github.com/dbry/WavPack/issues/30 https://github.com/dbry/WavPack/issues/31 https://github.com/dbry/WavPack/issues/32 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6CFFFWIWALGQPKINRDW3PRGRD5LOLGZA https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BRWQNE3TH5UF64IKHKK • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2016-10172
https://notcve.org/view.php?id=CVE-2016-10172
The read_new_config_info function in open_utils.c in Wavpack before 5.1.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted WV file. La función read_new_config_info en open_utils.c en Wavpack en versiones anteriores a 5.1.0 permite a atacantes remotos provocar una denegación de servicio (lectura fuera de límites) a través de un archivo WV manipulado. • http://www.openwall.com/lists/oss-security/2017/01/28/9 http://www.securityfocus.com/bid/95883 https://github.com/dbry/WavPack/commit/4bc05fc490b66ef2d45b1de26abf1455b486b0dc https://sourceforge.net/p/wavpack/mailman/message/35561951 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2016-10169
https://notcve.org/view.php?id=CVE-2016-10169
The read_code function in read_words.c in Wavpack before 5.1.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted WV file. La función read_code en read_words.c en Wavpack en versiones anteriores a 5.1.0 permite a atacantes remotos provocar una denegación de servicio (lectura fuera de límites) a través de un archivo WV manipulado. • http://www.openwall.com/lists/oss-security/2017/01/28/9 http://www.securityfocus.com/bid/95883 https://github.com/dbry/WavPack/commit/4bc05fc490b66ef2d45b1de26abf1455b486b0dc https://sourceforge.net/p/wavpack/mailman/message/35557889 https://usn.ubuntu.com/3568-1 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2016-10171
https://notcve.org/view.php?id=CVE-2016-10171
The unreorder_channels function in cli/wvunpack.c in Wavpack before 5.1.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted WV file. La función unreorder_channels en cli/wvunpack.c en Wavpack en versiones anteriores a 5.1.0 permite a atacantes remotos provocar una denegación de servicio (lectura fuera de límites) a través de un archivo WV manipulado. • http://www.openwall.com/lists/oss-security/2017/01/28/9 http://www.securityfocus.com/bid/95883 https://github.com/dbry/WavPack/commit/4bc05fc490b66ef2d45b1de26abf1455b486b0dc https://sourceforge.net/p/wavpack/mailman/message/35561939 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2016-10170
https://notcve.org/view.php?id=CVE-2016-10170
The WriteCaffHeader function in cli/caff.c in Wavpack before 5.1.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted WV file. La función WriteCaffHeader en cli/caff.c en Wavpack en versiones anteriores a 5.1.0 permite a atacantes remotos provocar una denegación de servicio (lectura fuera de límites) a través de un archivo WV manipulado. • http://www.openwall.com/lists/oss-security/2017/01/28/9 http://www.securityfocus.com/bid/95883 https://github.com/dbry/WavPack/commit/4bc05fc490b66ef2d45b1de26abf1455b486b0dc https://sourceforge.net/p/wavpack/mailman/message/35561921 • CWE-125: Out-of-bounds Read •