CVE-2018-18826

Опубликовано: 30 окт. 2018

Источник: nvd

CVSS3: 6.5

CVSS2: 4.3

EPSS Низкий

Описание

There exists a heap-based buffer overflow in vc1_decode_p_mb_intfi in vc1_block.c in Libav 12.3, which allows attackers to cause a denial-of-service via a crafted aac file.

Ссылки

https://bugzilla.libav.org/show_bug.cgi?id=1135
Exploit
Issue Tracking
Third Party Advisory
https://bugzilla.libav.org/show_bug.cgi?id=1135
Exploit
Issue Tracking
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:libav:libav:12.3:*:*:*:*:*:*:*

EPSS

Процентиль: 48%

0.00252

Низкий

6.5 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-787

Связанные уязвимости

CVE-2018-18826

CVSS3: 6.5

ubuntu

больше 7 лет назад

There exists a heap-based buffer overflow in vc1_decode_p_mb_intfi in vc1_block.c in Libav 12.3, which allows attackers to cause a denial-of-service via a crafted aac file.

CVE-2018-18826

CVSS3: 6.5

debian

больше 7 лет назад

There exists a heap-based buffer overflow in vc1_decode_p_mb_intfi in ...

GHSA-qg5r-qr4p-h2x5

CVSS3: 6.5

github

больше 3 лет назад

There exists a heap-based buffer overflow in vc1_decode_p_mb_intfi in vc1_block.c in Libav 12.3, which allows attackers to cause a denial-of-service via a crafted aac file.

EPSS

Процентиль: 48%

0.00252

Низкий

6.5 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-787