{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2018-02-19T00:00:00", "descriptions": [{"lang": "en", "value": "The ParseCaffHeaderConfig function of the cli/caff.c file of WavPack 5.1.0 allows a remote attacker to cause a denial-of-service (global buffer over-read), or possibly trigger a buffer overflow or incorrect memory allocation, via a maliciously crafted CAF file."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2019-12-21T08:06:09", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://github.com/dbry/WavPack/commit/8e3fe45a7bac31d9a3b558ae0079e2d92a04799e"}, {"name": "USN-3578-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "https://usn.ubuntu.com/3578-1/"}, {"name": "DSA-4125", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "https://www.debian.org/security/2018/dsa-4125"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/dbry/WavPack/issues/26"}, {"tags": ["x_refsource_MISC"], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889274"}, {"name": "44154", "tags": ["exploit", "x_refsource_EXPLOIT-DB"], "url": "https://www.exploit-db.com/exploits/44154/"}, {"name": "20191219 [slackware-security] wavpack (SSA:2019-353-01)", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "https://seclists.org/bugtraq/2019/Dec/37"}, {"tags": ["x_refsource_MISC"], "url": "http://packetstormsecurity.com/files/155743/Slackware-Security-Advisory-wavpack-Updates.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-7254", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The ParseCaffHeaderConfig function of the cli/caff.c file of WavPack 5.1.0 allows a remote attacker to cause a denial-of-service (global buffer over-read), or possibly trigger a buffer overflow or incorrect memory allocation, via a maliciously crafted CAF file."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://github.com/dbry/WavPack/commit/8e3fe45a7bac31d9a3b558ae0079e2d92a04799e", "refsource": "MISC", "url": "https://github.com/dbry/WavPack/commit/8e3fe45a7bac31d9a3b558ae0079e2d92a04799e"}, {"name": "USN-3578-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3578-1/"}, {"name": "DSA-4125", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2018/dsa-4125"}, {"name": "https://github.com/dbry/WavPack/issues/26", "refsource": "MISC", "url": "https://github.com/dbry/WavPack/issues/26"}, {"name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889274", "refsource": "MISC", "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889274"}, {"name": "44154", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/44154/"}, {"name": "20191219 [slackware-security] wavpack (SSA:2019-353-01)", "refsource": "BUGTRAQ", "url": "https://seclists.org/bugtraq/2019/Dec/37"}, {"name": "http://packetstormsecurity.com/files/155743/Slackware-Security-Advisory-wavpack-Updates.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/155743/Slackware-Security-Advisory-wavpack-Updates.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T06:24:11.759Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/dbry/WavPack/commit/8e3fe45a7bac31d9a3b558ae0079e2d92a04799e"}, {"name": "USN-3578-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "https://usn.ubuntu.com/3578-1/"}, {"name": "DSA-4125", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "https://www.debian.org/security/2018/dsa-4125"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/dbry/WavPack/issues/26"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889274"}, {"name": "44154", "tags": ["exploit", "x_refsource_EXPLOIT-DB", "x_transferred"], "url": "https://www.exploit-db.com/exploits/44154/"}, {"name": "20191219 [slackware-security] wavpack (SSA:2019-353-01)", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "https://seclists.org/bugtraq/2019/Dec/37"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://packetstormsecurity.com/files/155743/Slackware-Security-Advisory-wavpack-Updates.html"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2018-7254", "datePublished": "2018-02-19T23:00:00", "dateReserved": "2018-02-19T00:00:00", "dateUpdated": "2024-08-05T06:24:11.759Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:wavpack:wavpack:5.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "DCF63128-72B0-4A29-AB4D-AC1B93A04B67", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The ParseCaffHeaderConfig function of the cli/caff.c file of WavPack 5.1.0 allows a remote attacker to cause a denial-of-service (global buffer over-read), or possibly trigger a buffer overflow or incorrect memory allocation, via a maliciously crafted CAF file."}, {"lang": "es", "value": "La funci\u00f3n ParseCaffHeaderConfig del archivo cli/caff.c de WavPack 5.1.0 permite que un atacante remoto provoque una denegaci\u00f3n de servicio (sobrelectura de b\u00fafer global) o que desencadene un desbordamiento de b\u00fafer o la asignaci\u00f3n incorrecta de memoria mediante un archivo CAF maliciosamente manipulado."}], "id": "CVE-2018-7254", "lastModified": "2019-12-20T10:15:13.983", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-02-19T23:29:00.277", "references": [{"source": "cve@mitre.org", "url": "http://packetstormsecurity.com/files/155743/Slackware-Security-Advisory-wavpack-Updates.html"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Issue Tracking", "Third Party Advisory"], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889274"}, {"source": "cve@mitre.org", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/dbry/WavPack/commit/8e3fe45a7bac31d9a3b558ae0079e2d92a04799e"}, {"source": "cve@mitre.org", "tags": ["Issue Tracking", "Third Party Advisory"], "url": "https://github.com/dbry/WavPack/issues/26"}, {"source": "cve@mitre.org", "url": "https://seclists.org/bugtraq/2019/Dec/37"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://usn.ubuntu.com/3578-1/"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://www.debian.org/security/2018/dsa-4125"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://www.exploit-db.com/exploits/44154/"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-125"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "wavpack: Global buffer over-read in ParseCaffHeaderConfig function in cli/caff.c", "id": "1547735", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1547735"}, "csaw": false, "cvss3": {"cvss3_base_score": "3.3", "cvss3_scoring_vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "status": "draft"}, "cwe": "CWE-122", "details": ["The ParseCaffHeaderConfig function of the cli/caff.c file of WavPack 5.1.0 allows a remote attacker to cause a denial-of-service (global buffer over-read), or possibly trigger a buffer overflow or incorrect memory allocation, via a maliciously crafted CAF file.", "An out-of-bounds read flaw was found in the way WavPack handled processing of CAF (Core Audio Format) files. An attacker could potentially use this flaw to crash WavPack by tricking it into processing crafted CAF files."], "name": "CVE-2018-7254", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "wavpack", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "wavpack", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "wavpack", "product_name": "Red Hat Enterprise Linux 8"}], "public_date": "2018-02-19T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2018-7254\nhttps://nvd.nist.gov/vuln/detail/CVE-2018-7254"], "threat_severity": "Low"}