CVE-2018-18829

Опубликовано: 30 окт. 2018

Источник: nvd

CVSS3: 6.5

CVSS2: 4.3

EPSS Низкий

Описание

There exists a NULL pointer dereference in ff_vc1_parse_frame_header_adv in vc1.c in Libav 12.3, which allows attackers to cause a denial-of-service through a crafted aac file.

Ссылки

https://bugzilla.libav.org/show_bug.cgi?id=1136
Exploit
Issue Tracking
Third Party Advisory
https://bugzilla.libav.org/show_bug.cgi?id=1136
Exploit
Issue Tracking
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:libav:libav:12.3:*:*:*:*:*:*:*

EPSS

Процентиль: 47%

0.00239

Низкий

6.5 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-476

Связанные уязвимости

CVE-2018-18829

CVSS3: 6.5

ubuntu

больше 7 лет назад

There exists a NULL pointer dereference in ff_vc1_parse_frame_header_adv in vc1.c in Libav 12.3, which allows attackers to cause a denial-of-service through a crafted aac file.

CVE-2018-18829

CVSS3: 6.5

debian

больше 7 лет назад

There exists a NULL pointer dereference in ff_vc1_parse_frame_header_a ...

GHSA-3pfq-8m56-48p7

CVSS3: 6.5

github

больше 3 лет назад

There exists a NULL pointer dereference in ff_vc1_parse_frame_header_adv in vc1.c in Libav 12.3, which allows attackers to cause a denial-of-service through a crafted aac file.

EPSS

Процентиль: 47%

0.00239

Низкий

6.5 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-476