Lucene search
Veracode Vulnerability DatabaseVERACODE:25304HistoryMay 10, 2020 - 11:25 p.m.
Arbitrary Code Execution
2020-05-1023:25:07
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
15
EPSS
0.003
Percentile
70.7%
wavpack is vulnerable to arbitrary code execution. The vulnerability exists as the W64 parser component contains a vulnerability that allows writing to memory because ParseWave64HeaderConfig in wave64.c does not reject multiple format chunks.
References
packetstormsecurity.com/files/155743/Slackware-Security-Advisory-wavpack-Updates.html
github.com/dbry/WavPack/commit/26cb47f99d481ad9b93eeff80d26e6b63bbd7e15
github.com/dbry/WavPack/issues/30
github.com/dbry/WavPack/issues/31
github.com/dbry/WavPack/issues/32
seclists.org/bugtraq/2019/Dec/37
usn.ubuntu.com/3637-1/
www.debian.org/security/2018/dsa-4197
Related
prion
prion
Design/Logic Flaw
2018-04-29 15:29:00
ubuntucve
ubuntucve
CVE-2018-10537
2018-04-29 00:00:00
redhatcve
redhatcve
CVE-2018-10537
2018-05-03 21:48:54
cve
cve
CVE-2018-10537
2018-04-29 15:29:00
alpinelinux
alpinelinux
CVE-2018-10537
2018-04-29 15:29:00
debiancve
debiancve
CVE-2018-10537
2018-04-29 15:29:00
cvelist
cvelist
CVE-2018-10537
2018-04-29 15:00:00
osv
osv
CVE-2018-10537
2018-04-29 15:29:00
wavpack - security update
2018-05-09 00:00:00
nvd
nvd
CVE-2018-10537
2018-04-29 15:29:00
nessus
nessus
Debian DSA-4197-1 : wavpack - security update
2018-05-10 00:00:00
Fedora 28 : wavpack (2018-17a97bb25b)
2019-01-03 00:00:00
Ubuntu 18.04 LTS : WavPack vulnerabilities (USN-3637-1)
2018-05-01 00:00:00
ubuntu
ubuntu
WavPack vulnerabilities
2018-04-30 00:00:00
debian
debian
[SECURITY] [DSA 4197-1] wavpack security updaze
2018-05-09 18:24:39
fedora
fedora
[SECURITY] Fedora 28 Update: wavpack-5.1.0-8.fc28
2018-05-26 20:47:16
[SECURITY] Fedora 28 Update: wavpack-5.1.0-12.fc28
2019-04-23 18:49:38
[SECURITY] Fedora 27 Update: wavpack-5.1.0-8.fc27
2018-05-26 21:13:05
openvas
openvas
Fedora Update for wavpack FEDORA-2018-17a97bb25b
2018-05-27 00:00:00
Ubuntu: Security Advisory (USN-3637-1)
2018-10-26 00:00:00
Debian: Security Advisory (DSA-4197-1)
2018-05-08 00:00:00
freebsd
freebsd
wavpack -- multiple vulnerabilities
2018-05-09 00:00:00
slackware
slackware
[slackware-security] wavpack
2019-12-19 23:44:00
mageia
mageia
Updated wavpack packages fix security vulnerabilities
2019-01-23 18:50:09
suse
suse
Security update for wavpack (moderate)
2021-01-24 00:00:00
Security update for wavpack (moderate)
2021-01-24 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1995
2021-07-02 18:19:37