Vulnerability Details CVE-2018-11102
An issue was discovered in Libav 12.3. A read access violation in the mov_probe function in libavformat/mov.c allows remote attackers to cause a denial of service (application crash), as demonstrated by avconv.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 63.3%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
- https://bugzilla.libav.org/show_bug.cgi?id=1128
- https://docs.google.com/document/d/18xCwfxMSJiQ9ruQSVaO8-jlcobDjFiYXWOaw31V37xo/edit
- https://lists.debian.org/debian-lts-announce/2019/09/msg00000.html
- https://bugzilla.libav.org/show_bug.cgi?id=1128
- https://docs.google.com/document/d/18xCwfxMSJiQ9ruQSVaO8-jlcobDjFiYXWOaw31V37xo/edit
- https://lists.debian.org/debian-lts-announce/2019/09/msg00000.html