2 matches found
Code injection
DISPUTED An issue was discovered in Libav 12.3. An access violation allows remote attackers to cause a denial of service application crash, as demonstrated by avconv. This is related to ffmpasynthfilterfloat in avcodec/mpegaudiodsptemplate.c. NOTE: This may be a duplicate of CVE-2018-19129...
CVE-2018-19129
CVE-2018-19129 affects Libav 12.3, specifically the ff_mpa_synth_filter_float implementation in libavcodec/mpegaudiodsp_template.c. A NULL pointer dereference can be triggered by parsing a crafted MOV file, leading to a segmentation fault (application crash). The core impact is an availability/de...