QwikSec

Security Database

CVE

CWE

Training

CVE-2018-7254

Published: Feb 19, 2018

Modified: Aug 5, 2024

PUBLISHED

Description

The ParseCaffHeaderConfig function of the cli/caff.c file of WavPack 5.1.0 allows a remote attacker to cause a denial-of-service (global buffer over-read), or possibly trigger a buffer overflow or incorrect memory allocation, via a maliciously crafted CAF file.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://github.com/dbry/WavPack/commit/8e3fe45a7bac31d9a3b558ae0079e2d92a04799e

x_refsource_MISC

vendor-advisory

x_refsource_UBUNTU

vendor-advisory

x_refsource_DEBIAN

https://github.com/dbry/WavPack/issues/26

x_refsource_MISC

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889274

x_refsource_MISC

exploit

x_refsource_EXPLOIT-DB

20191219 [slackware-security] wavpack (SSA:2019-353-01)

mailing-list

x_refsource_BUGTRAQ

http://packetstormsecurity.com/files/155743/Slackware-Security-Advisory-wavpack-Updates.html

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.