Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2018-7254

Опубликовано: 19 фев. 2018
Источник: debian

Описание

The ParseCaffHeaderConfig function of the cli/caff.c file of WavPack 5.1.0 allows a remote attacker to cause a denial-of-service (global buffer over-read), or possibly trigger a buffer overflow or incorrect memory allocation, via a maliciously crafted CAF file.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
wavpackfixed5.1.0-3package
wavpacknot-affectedjessiepackage
wavpacknot-affectedwheezypackage

Примечания

  • https://github.com/dbry/WavPack/issues/26

  • https://github.com/dbry/WavPack/commit/8e3fe45a7bac31d9a3b558ae0079e2d92a04799e

Связанные уязвимости

ubuntu логотип

CVE-2018-7254

CVSS3: 7.8
ubuntu
почти 8 лет назад

The ParseCaffHeaderConfig function of the cli/caff.c file of WavPack 5.1.0 allows a remote attacker to cause a denial-of-service (global buffer over-read), or possibly trigger a buffer overflow or incorrect memory allocation, via a maliciously crafted CAF file.

redhat логотип

CVE-2018-7254

CVSS3: 3.3
redhat
почти 8 лет назад

The ParseCaffHeaderConfig function of the cli/caff.c file of WavPack 5.1.0 allows a remote attacker to cause a denial-of-service (global buffer over-read), or possibly trigger a buffer overflow or incorrect memory allocation, via a maliciously crafted CAF file.

nvd логотип

CVE-2018-7254

CVSS3: 7.8
nvd
почти 8 лет назад

The ParseCaffHeaderConfig function of the cli/caff.c file of WavPack 5.1.0 allows a remote attacker to cause a denial-of-service (global buffer over-read), or possibly trigger a buffer overflow or incorrect memory allocation, via a maliciously crafted CAF file.

github логотип

GHSA-57rx-55jg-62vm

CVSS3: 7.8
github
больше 3 лет назад

The ParseCaffHeaderConfig function of the cli/caff.c file of WavPack 5.1.0 allows a remote attacker to cause a denial-of-service (global buffer over-read), or possibly trigger a buffer overflow or incorrect memory allocation, via a maliciously crafted CAF file.

suse-cvrf логотип

openSUSE-SU-2021:0154-1

suse-cvrf
около 5 лет назад

Security update for wavpack