Your submission was sent successfully! Close

CVE-2016-10169

Published: 14 March 2017

The read_code function in read_words.c in Wavpack before 5.1.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted WV file.

Priority

Low

CVSS 3 base score: 5.5

Status

Package Release Status
wavpack
Launchpad, Ubuntu, Debian
artful Not vulnerable
(5.0.0-2)
precise Does not exist
(precise was needed)
trusty Does not exist
(trusty was released [4.70.0-1ubuntu0.1])
upstream
Released (5.0.0-2,5.1.0)
xenial
Released (4.75.2-2ubuntu0.1)
yakkety Ignored
(reached end-of-life)
zesty Not vulnerable
(5.0.0-2)
Patches:
upstream: https://github.com/dbry/WavPack/commit/4bc05fc490b66ef2d45b1de26abf1455b486b0dc