Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
383
VMScore

CVE-2019-1010319

Published: 11/07/2019 Updated: 07/11/2023
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P
Subscribe to Wavpack

Vulnerability Summary

WavPack 5.1.0 and previous versions is affected by: CWE-457: Use of Uninitialized Variable. The impact is: Unexpected control flow, crashes, and segfaults. The component is: ParseWave64HeaderConfig (wave64.c:211). The attack vector is: Maliciously crafted .wav file. The fixed version is: After commit github.com/dbry/WavPack/commit/33a0025d1d63ccd05d9dbaa6923d52b1446a62fe.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

wavpack wavpack

fedoraproject fedora 29

fedoraproject fedora 30

fedoraproject fedora 31

canonical ubuntu linux 18.04

canonical ubuntu linux 19.04

debian debian linux 9.0

Vendor Advisories

Ubuntu Security Notice: wavpack vulnerabilities
WavPack could be made to crash if it received a specially crafted WAV file ...
Debian CVElist Bug Report Logs: wavpack: CVE-2019-1010317
Debian Bug report logs - #932060 wavpack: CVE-2019-1010317 Package: src:wavpack; Maintainer for src:wavpack is Debian Multimedia Maintainers <debian-multimedia@listsdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sun, 14 Jul 2019 15:27:02 UTC Severity: important Tags: security, upstream Fou ...
Debian CVElist Bug Report Logs: wavpack: CVE-2019-1010319
Debian Bug report logs - #932061 wavpack: CVE-2019-1010319 Package: src:wavpack; Maintainer for src:wavpack is Debian Multimedia Maintainers <debian-multimedia@listsdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sun, 14 Jul 2019 15:30:02 UTC Severity: important Tags: security, upstream Fou ...
Red Hat: CVE-2019-1010319
Impact: Moderate Public Date: 2019-08-06 CWE: CWE-665 Bugzilla: 1737740: CVE-2019-1010319 wavpack: use ...

References

CWE-908https://github.com/dbry/WavPack/commit/33a0025d1d63ccd05d9dbaa6923d52b1446a62fehttps://github.com/dbry/WavPack/issues/68https://usn.ubuntu.com/4062-1/https://lists.debian.org/debian-lts-announce/2021/01/msg00013.htmlhttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PYESOAZ6Z6IG4BQBURL6OUY6P4YB6SKS/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IX3J2JML5A7KC2BLGBEFTIIZR3EM7LVJ/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6CFFFWIWALGQPKINRDW3PRGRD5LOLGZA/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BRWQNE3TH5UF64IKHKKHVCHJHUOVKJUH/https://usn.ubuntu.com/4062-1/https://nvd.nist.gov
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-1183hard-codedCVE-2024-28254CVE-2023-43790buffer overflowbypassCVE-2024-32633CVE-2024-1874CVE-2024-23558
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook