2 matches found
CVE-2019-9719
A stack-based buffer overflow in the subtitle decoder in Libav 12.3 allows attackers to corrupt the stack via a crafted video file in Matroska format, because srttoass in libavcodec/srtdec.c misuses snprintf. NOTE: Third parties dispute that this is a vulnerability because “no evidence of a...
CVE-2019-9719
Libav 12.3 contains a stack-based buffer overflow in the subtitle decoder (srt_to_ass in libavcodec/srtdec.c) triggered by crafted Matroska video files; the issue stems from misusing snprintf. Multiple sources (Red Hat, SUSE, Ubuntu, OSV, and others) describe a vulnerability with claims of disput...