Описание
Stack overflow in the parse_tag function in libass/ass_parse.c in libass before 0.15.0 allows remote attackers to cause a denial of service or remote code execution via a crafted file.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| libass | fixed | 1:0.15.0-1 | package | |
| libass | no-dsa | buster | package | |
| libass | no-dsa | stretch | package |
Примечания
https://github.com/libass/libass/issues/422
https://github.com/libass/libass/issues/423
https://github.com/libass/libass/commit/6835731c2fe4164a0c50bc91d12c43b2a2b4e799 (0.15.0)
EPSS
Процентиль: 81%
0.01578
Низкий
Связанные уязвимости
CVSS3: 8.8
ubuntu
почти 5 лет назад
Stack overflow in the parse_tag function in libass/ass_parse.c in libass before 0.15.0 allows remote attackers to cause a denial of service or remote code execution via a crafted file.
CVSS3: 8.8
nvd
почти 5 лет назад
Stack overflow in the parse_tag function in libass/ass_parse.c in libass before 0.15.0 allows remote attackers to cause a denial of service or remote code execution via a crafted file.
EPSS
Процентиль: 81%
0.01578
Низкий