Описание
In Libav 12.3, there is a heap-based buffer over-read in decode_frame in libavcodec/lcldec.c that allows an attacker to cause denial-of-service via a crafted avi file.
Ссылки
- Issue TrackingThird Party Advisory
- Issue TrackingThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:libav:libav:12.3:*:*:*:*:*:*:*
EPSS
Процентиль: 47%
0.00238
Низкий
6.5 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-125
Связанные уязвимости
CVSS3: 6.5
ubuntu
около 7 лет назад
In Libav 12.3, there is a heap-based buffer over-read in decode_frame in libavcodec/lcldec.c that allows an attacker to cause denial-of-service via a crafted avi file.
CVSS3: 6.5
debian
около 7 лет назад
In Libav 12.3, there is a heap-based buffer over-read in decode_frame ...
CVSS3: 6.5
github
больше 3 лет назад
In Libav 12.3, there is a heap-based buffer over-read in decode_frame in libavcodec/lcldec.c that allows an attacker to cause denial-of-service via a crafted avi file.
EPSS
Процентиль: 47%
0.00238
Низкий
6.5 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-125