Описание
There exists a heap-based buffer overflow in vc1_decode_i_block_adv in vc1_block.c in Libav 12.3, which allows attackers to cause a denial-of-service via a crafted aac file.
Ссылки
- ExploitIssue TrackingThird Party Advisory
- ExploitIssue TrackingThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:libav:libav:12.3:*:*:*:*:*:*:*
EPSS
Процентиль: 48%
0.00252
Низкий
6.5 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-787
Связанные уязвимости
CVSS3: 6.5
ubuntu
больше 7 лет назад
There exists a heap-based buffer overflow in vc1_decode_i_block_adv in vc1_block.c in Libav 12.3, which allows attackers to cause a denial-of-service via a crafted aac file.
CVSS3: 6.5
debian
больше 7 лет назад
There exists a heap-based buffer overflow in vc1_decode_i_block_adv in ...
CVSS3: 6.5
github
больше 3 лет назад
There exists a heap-based buffer overflow in vc1_decode_i_block_adv in vc1_block.c in Libav 12.3, which allows attackers to cause a denial-of-service via a crafted aac file.
EPSS
Процентиль: 48%
0.00252
Низкий
6.5 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-787