CVE-2017-18247

Опубликовано: 23 мар. 2018

Источник: debian

EPSS Низкий

Описание

The av_audio_fifo_size function in libavutil/audio_fifo.c in Libav 12.2 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted media file.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
libav	removed			package
libav	ignored		jessie	package

Примечания

https://bugzilla.libav.org/show_bug.cgi?id=1089
referenced patch 27085d1b should protect direct ./avconv vectors but situation is unclear for library vectors

EPSS

Процентиль: 70%

0.00652

Низкий

Связанные уязвимости

CVE-2017-18247

CVSS3: 6.5

ubuntu

почти 8 лет назад

The av_audio_fifo_size function in libavutil/audio_fifo.c in Libav 12.2 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted media file.

CVE-2017-18247

CVSS3: 6.5

nvd

почти 8 лет назад

The av_audio_fifo_size function in libavutil/audio_fifo.c in Libav 12.2 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted media file.

GHSA-ww84-6q95-5pgr

CVSS3: 6.5

github

больше 3 лет назад

The av_audio_fifo_size function in libavutil/audio_fifo.c in Libav 12.2 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted media file.

EPSS

Процентиль: 70%

0.00652

Низкий