Your submission was sent successfully! Close

CVE-2018-19128

Published: 9 November 2018

In Libav 12.3, there is a heap-based buffer over-read in decode_frame in libavcodec/lcldec.c that allows an attacker to cause denial-of-service via a crafted avi file.

Priority

Low

CVSS 3 base score: 6.5

Status

Package Release Status
libav
Launchpad, Ubuntu, Debian
bionic Does not exist

cosmic Does not exist

disco Does not exist

precise Does not exist

trusty Does not exist
(trusty was needs-triage)
upstream Needs triage

xenial Does not exist