Описание
There exists a heap-based buffer over-read in ff_vc1_pred_dc in vc1_block.c in Libav 12.3, which allows attackers to cause a denial-of-service via a crafted aac file.
Ссылки
- ExploitIssue TrackingThird Party Advisory
- ExploitIssue TrackingThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:libav:libav:12.3:*:*:*:*:*:*:*
EPSS
Процентиль: 47%
0.00238
Низкий
6.5 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-125
Связанные уязвимости
CVSS3: 6.5
ubuntu
больше 7 лет назад
There exists a heap-based buffer over-read in ff_vc1_pred_dc in vc1_block.c in Libav 12.3, which allows attackers to cause a denial-of-service via a crafted aac file.
CVSS3: 6.5
debian
больше 7 лет назад
There exists a heap-based buffer over-read in ff_vc1_pred_dc in vc1_bl ...
CVSS3: 6.5
github
больше 3 лет назад
There exists a heap-based buffer over-read in ff_vc1_pred_dc in vc1_block.c in Libav 12.3, which allows attackers to cause a denial-of-service via a crafted aac file.
EPSS
Процентиль: 47%
0.00238
Низкий
6.5 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-125