Описание
In FFmpeg 3.2 and 4.1, a denial of service in the subtitle decoder allows attackers to hog the CPU via a crafted video file in Matroska format, because ff_htmlmarkup_to_ass in libavcodec/htmlsubtitles.c has a complex format argument to sscanf.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 7:3.4.6-0ubuntu0.18.04.1 |
| cosmic | released | 7:4.0.4-0ubuntu1 |
| devel | released | 7:4.1.3-1 |
| disco | released | 7:4.1.3-0ubuntu1 |
| esm-apps/bionic | released | 7:3.4.6-0ubuntu0.18.04.1 |
| esm-apps/xenial | not-affected | code not present |
| esm-infra-legacy/trusty | DNE | |
| precise/esm | DNE | |
| trusty | DNE | |
| trusty/esm | DNE |
Показывать по
4.3 Medium
CVSS2
6.5 Medium
CVSS3
Связанные уязвимости
In FFmpeg 3.2 and 4.1, a denial of service in the subtitle decoder allows attackers to hog the CPU via a crafted video file in Matroska format, because ff_htmlmarkup_to_ass in libavcodec/htmlsubtitles.c has a complex format argument to sscanf.
In FFmpeg 3.2 and 4.1, a denial of service in the subtitle decoder allows attackers to hog the CPU via a crafted video file in Matroska format, because ff_htmlmarkup_to_ass in libavcodec/htmlsubtitles.c has a complex format argument to sscanf.
In FFmpeg 3.2 and 4.1, a denial of service in the subtitle decoder all ...
In FFmpeg 3.2 and 4.1, a denial of service in the subtitle decoder allows attackers to hog the CPU via a crafted video file in Matroska format, because ff_htmlmarkup_to_ass in libavcodec/htmlsubtitles.c has a complex format argument to sscanf.
Уязвимость функции ff_htmlmarkup_to_ass мультимедийной библиотеки FFmpeg, позволяющая нарушителю вызвать отказ в обслуживании
4.3 Medium
CVSS2
6.5 Medium
CVSS3