The ParseDsdiffHeaderConfig function of the cli/dsdiff.c file of WavPack 5.1.0 allows a remote malicious user to cause a denial-of-service (heap-based buffer over-read) or possibly overwrite the heap via a maliciously crafted DSDIFF file.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
wavpack wavpack 5.1.0 |
||
debian debian linux 9.0 |
||
canonical ubuntu linux 17.10 |