First published: Fri Nov 09 2018(Updated: )
** DISPUTED ** In Libav 12.3, there is an invalid memory access in vc1_decode_frame in libavcodec/vc1dec.c that allows attackers to cause a denial-of-service via a crafted aac file. NOTE: This may be a duplicate of CVE-2017-17127.
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Libav Libav | =12.3 | |
=12.3 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this Libav vulnerability is CVE-2018-19130.
The severity of CVE-2018-19130 is medium with a severity value of 6.5.
The version 12.3 of Libav is affected by CVE-2018-19130.
CVE-2018-19130 allows attackers to cause a denial-of-service via a crafted aac file.
To fix CVE-2018-19130, it is recommended to update to a version of Libav that does not contain the vulnerability.