CVE-2018-10537

An issue was discovered in WavPack 5.1.0 and earlier. The W64 parser component contains a vulnerability that allows writing to memory because ParseWave64HeaderConfig in wave64.c does not reject multiple format chunks.
Configurations

Configuration 1

cpe:2.3:a:wavpack:wavpack:*:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

Information

Published : 2018-04-29 03:29

Updated : 2019-12-20 10:15


NVD link : CVE-2018-10537

Mitre link : CVE-2018-10537

Products Affected
No products.
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer