Skip to main content

Wavpack CVE-2018-10536

HIGH
Out-of-bounds Write (CWE-787)
2018-04-29 cve@mitre.org
7.8
CVSS 3.0 · NVD
Share

Severity by source

NVD PRIMARY
7.8 HIGH
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

1
CVE Published
Apr 29, 2018 - 15:29 nvd
HIGH 7.8

DescriptionNVD

An issue was discovered in WavPack 5.1.0 and earlier. The WAV parser component contains a vulnerability that allows writing to memory because ParseRiffHeaderConfig in riff.c does not reject multiple format chunks.

AnalysisAI

An issue was discovered in WavPack 5.1.0 and earlier. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Technical ContextAI

This vulnerability is classified as Out-of-bounds Write (CWE-787), which allows attackers to write data beyond allocated buffer boundaries leading to code execution or crashes. An issue was discovered in WavPack 5.1.0 and earlier. The WAV parser component contains a vulnerability that allows writing to memory because ParseRiffHeaderConfig in riff.c does not reject multiple format chunks. Affected products include: Wavpack, Debian Debian Linux.

RemediationAI

A vendor patch is available. Apply the latest security update as soon as possible. Validate write boundaries, use memory-safe languages, enable compiler protections (ASLR, stack canaries).

CVE-2018-7254 HIGH POC
7.8 Feb 19

The ParseCaffHeaderConfig function of the cli/caff.c file of WavPack 5.1.0 allows a remote attacker to cause a denial-of

CVE-2018-7253 HIGH POC
7.8 Feb 19

The ParseDsdiffHeaderConfig function of the cli/dsdiff.c file of WavPack 5.1.0 allows a remote attacker to cause a denia

CVE-2018-6767 HIGH POC
7.8 Feb 06

A stack-based buffer over-read in the ParseRiffHeaderConfig function of cli/riff.c file of WavPack 5.1.0 allows a remote

CVE-2019-11498 MEDIUM POC
6.5 Apr 24

WavpackSetConfiguration64 in pack_utils.c in libwavpack.a in WavPack through 5.1.0 has a "Conditional jump or move depen

CVE-2020-35738 MEDIUM POC
6.1 Dec 28

WavPack 5.3.0 has an out-of-bounds write in WavpackPackSamples in pack_utils.c because of an integer overflow in a mallo

CVE-2016-10169 MEDIUM POC
5.5 Mar 14

The read_code function in read_words.c in Wavpack before 5.1.0 allows remote attackers to cause a denial of service (out

CVE-2016-10172 MEDIUM POC
5.5 Mar 14

The read_new_config_info function in open_utils.c in Wavpack before 5.1.0 allows remote attackers to cause a denial of s

CVE-2016-10171 MEDIUM POC
5.5 Mar 14

The unreorder_channels function in cli/wvunpack.c in Wavpack before 5.1.0 allows remote attackers to cause a denial of s

CVE-2016-10170 MEDIUM POC
5.5 Mar 14

The WriteCaffHeader function in cli/caff.c in Wavpack before 5.1.0 allows remote attackers to cause a denial of service

CVE-2019-1010319 MEDIUM POC
5.5 Jul 11

WavPack 5.1.0 and earlier is affected by: CWE-457: Use of Uninitialized Variable. Rated medium severity (CVSS 5.5), this

CVE-2019-1010317 MEDIUM POC
5.5 Jul 11

WavPack 5.1.0 and earlier is affected by: CWE-457: Use of Uninitialized Variable. Rated medium severity (CVSS 5.5), this

CVE-2019-1010315 MEDIUM POC
5.5 Jul 11

WavPack 5.1 and earlier is affected by: CWE 369: Divide by Zero. Rated medium severity (CVSS 5.5), this vulnerability is

Share

CVE-2018-10536 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy