Required CVE Record Information
Description
In Libav 12.3, there is a heap-based buffer over-read in decode_frame in libavcodec/lcldec.c that allows an attacker to cause denial-of-service via a crafted avi file.
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 2 Total
- https://bugzilla.libav.org/show_bug.cgi?id=1137 x_transferred
- lists.debian.org: [debian-lts-announce] 20191205 [SECURITY] [DLA 2021-1] libav security update mailing-listx_transferred