CVE-2018-1999013

Published: 7/23/2018 Last updated: 8/5/2024 Reserved: 7/13/2018

FFmpeg before commit a7e032a277452366771951e29fd0bf2bd5c029f0 contains a use-after-free vulnerability in the realmedia demuxer that can result in vulnerability allows attacker to read heap memory. This attack appear to be exploitable via specially crafted RM file has to be provided as input. This vulnerability appears to have been fixed in a7e032a277452366771951e29fd0bf2bd5c029f0 and later.

CNA assigner: mitre (8254265b-2729-46b6-b9e3-3dfca2d5bfca) Requested by: n/a

Opam packages affected (3)

conf-ffmpeg ffmpeg opus

Products affected (1)

Product	Vendor	Version
n/a	n/a	WCN3990

References (4)

http://www.securityfocus.com/bid/104896
https://github.com/FFmpeg/FFmpeg/commit/a7e032a277452366771951e29fd0bf2bd5c029f0
http://www.securityfocus.com/bid/104896
https://github.com/FFmpeg/FFmpeg/commit/a7e032a277452366771951e29fd0bf2bd5c029f0