 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| CVE ID: | CVE-2018-7254 |
| Description: | The ParseCaffHeaderConfig function of the cli/caff.c file of WavPack 5.1.0 allows a remote attacker to cause a denial-of-service (global buffer over-read), or possibly trigger a buffer overflow or incorrect memory allocation, via a maliciously crafted CAF file. |
| Test IDs: | None available |
| Cross References: |
Common Vulnerability Exposure (CVE) ID: CVE-2018-7254 Bugtraq: 20191219 [slackware-security] wavpack (SSA:2019-353-01) (Google Search) https://seclists.org/bugtraq/2019/Dec/37 Debian Security Information: DSA-4125 (Google Search) https://www.debian.org/security/2018/dsa-4125 https://www.exploit-db.com/exploits/44154/ http://packetstormsecurity.com/files/155743/Slackware-Security-Advisory-wavpack-Updates.html https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889274 https://github.com/dbry/WavPack/commit/8e3fe45a7bac31d9a3b558ae0079e2d92a04799e https://github.com/dbry/WavPack/issues/26 https://usn.ubuntu.com/3578-1/ |