Back to search
CVE-2019-1010315
Published: Jul 11, 2019
Modified: Aug 5, 2024
PUBLISHED
Description
WavPack 5.1 and earlier is affected by: CWE 369: Divide by Zero. The impact is: Divide by zero can lead to sudden crash of a software/service that tries to parse a .wav file. The component is: ParseDsdiffHeaderConfig (dsdiff.c:282). The attack vector is: Maliciously crafted .wav file. The fixed version is: After commit https://github.com/dbry/WavPack/commit/4c0faba32fddbd0745cbfaf1e1aeb3da5d35b9fc.
| Vendor | Product | Versions |
|---|---|---|
WavPack | WavPack | affected <=5.1 [fixed: After commit https://github.com/dbry/WavPack/commit/4c0faba32fddbd0745cbfaf1e1aeb3da5d35b9fc] |
References
https://github.com/dbry/WavPack/issues/65
x_refsource_MISC
USN-4062-1
vendor-advisory
x_refsource_UBUNTU
FEDORA-2020-e55567b6be
vendor-advisory
x_refsource_FEDORA
FEDORA-2020-73274c9df4
vendor-advisory
x_refsource_FEDORA
[debian-lts-announce] 20210115 [SECURITY] [DLA 2525-1] wavpack security update
mailing-list
x_refsource_MLIST
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now