Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2018-21015

Опубликовано: 16 сент. 2019
Источник: debian
EPSS Низкий

Описание

AVC_DuplicateConfig() at isomedia/avc_ext.c in GPAC 0.7.1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file. There is "cfg_new->AVCLevelIndication = cfg->AVCLevelIndication;" but cfg could be NULL.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
gpacfixed1.0.1+dfsg1-2package
gpacno-dsabusterpackage
gpacno-dsastretchpackage
ccextractorfixed0.93+ds2-1package
ccextractorno-dsabullseyepackage
ccextractorno-dsabusterpackage

Примечания

  • https://github.com/gpac/gpac/issues/1179

  • https://github.com/gpac/gpac/commit/0545bb0a01bfac6764c43bd5074e9c2d1eae495f

EPSS

Процентиль: 74%
0.00867
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2018-21015

CVSS3: 6.5
ubuntu
около 6 лет назад

AVC_DuplicateConfig() at isomedia/avc_ext.c in GPAC 0.7.1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file. There is "cfg_new->AVCLevelIndication = cfg->AVCLevelIndication;" but cfg could be NULL.

nvd логотип

CVE-2018-21015

CVSS3: 6.5
nvd
около 6 лет назад

AVC_DuplicateConfig() at isomedia/avc_ext.c in GPAC 0.7.1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file. There is "cfg_new->AVCLevelIndication = cfg->AVCLevelIndication;" but cfg could be NULL.

github логотип

GHSA-2675-7qgw-hjvx

CVSS3: 6.5
github
больше 3 лет назад

AVC_DuplicateConfig() at isomedia/avc_ext.c in GPAC 0.7.1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file. There is "cfg_new->AVCLevelIndication = cfg->AVCLevelIndication;" but cfg could be NULL.

EPSS

Процентиль: 74%
0.00867
Низкий