Vulnerability Details CVE-2020-21723
A Segmentation Fault issue discovered StreamSerializer::extractStreams function in streamSerializer.cpp in oggvideotools 0.9.1 allows remote attackers to cause a denial of service (crash) via opening of crafted ogg file.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 56.2%
CVSS Severity
CVSS v3 Score 5.5
References
- https://github.com/xiaoxiongwang/security/tree/master/oggvideotools#segv-occurs-in-function-streamserializerextractstreams-in-streamserializercpp
- https://sourceforge.net/p/oggvideotools/bugs/10/
- https://github.com/xiaoxiongwang/security/tree/master/oggvideotools#segv-occurs-in-function-streamserializerextractstreams-in-streamserializercpp
- https://sourceforge.net/p/oggvideotools/bugs/10/
Products affected by CVE-2020-21723
-
cpe:2.3:a:ogg_video_tools_project:ogg_video_tools:0.9.1