Wen Bin

**Name of the Vulnerable Software and Affected Versions** bchunk versions 1.2.0 through 1.2.1 **Description** The issue is related to pointer dereference errors. It can be exploited by a remote attacker using a specially crafted .cue file, potentially causing the application to crash. The problem arises when processing a malformed CUE file, leading to an access violation. **Recommendations** For versions 1.2.0 and 1.2.1, consider avoiding the use of malformed .cue files until a patch is available. As a temporary workaround, restrict the processing of .cue files to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** bchunk versions 1.2.0 through 1.2.1 **Description** The issue is related to a heap-based buffer overflow that can cause a crash when processing a malformed CUE (.cue) file. This can be exploited by a remote attacker using a specially crafted file, potentially leading to a denial-of-service condition. **Recommendations** For versions 1.2.0 and 1.2.1, update to a version that fixes the heap-based buffer overflow issue to prevent potential crashes when processing malformed CUE files. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** bchunk versions 1.2.0 through 1.2.1 **Description** The issue is related to a heap-based buffer overflow that can cause a crash when processing a malformed CUE (.cue) file. This can be exploited by a remote attacker using a specially crafted file to cause the application to terminate abnormally. **Recommendations** For versions 1.2.0 and 1.2.1, consider avoiding the use of bchunk to process untrusted CUE files until a fix is available. As a temporary workaround, restrict the use of bchunk to trusted input files to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.