CVE-2018-6767

Published: Feb 6, 2018

Modified: Aug 5, 2024

PUBLISHED

Description

A stack-based buffer over-read in the ParseRiffHeaderConfig function of cli/riff.c file of WavPack 5.1.0 allows a remote attacker to cause a denial-of-service attack or possibly have unspecified other impact via a maliciously crafted RF64 file.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

DSA-4125

vendor-advisory

x_refsource_DEBIAN

https://github.com/dbry/WavPack/commit/d5bf76b5a88d044a1be1d5656698e3ba737167e5

x_refsource_CONFIRM

https://github.com/dbry/WavPack/issues/27

x_refsource_CONFIRM

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889276

x_refsource_CONFIRM

USN-3568-1

vendor-advisory

x_refsource_UBUNTU

20191219 [slackware-security] wavpack (SSA:2019-353-01)

mailing-list

x_refsource_BUGTRAQ

http://packetstormsecurity.com/files/155743/Slackware-Security-Advisory-wavpack-Updates.html

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2018-6767

Description

Affected Products

References