mirror of
https://github.com/0xMarcio/cve.git
synced 2025-06-08 22:17:19 +00:00
916 B
916 B
CVE-2018-6767
Description
A stack-based buffer over-read in the ParseRiffHeaderConfig function of cli/riff.c file of WavPack 5.1.0 allows a remote attacker to cause a denial-of-service attack or possibly have unspecified other impact via a maliciously crafted RF64 file.
POC
Reference
- http://packetstormsecurity.com/files/155743/Slackware-Security-Advisory-wavpack-Updates.html
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889276
- https://github.com/dbry/WavPack/issues/27