Out-of-bounds Read
CVE-2018-1999010
Summary
FFmpeg before 2.8.15, 2.9-dev before 3.0.12, 3.1-dev before 3.2.11, 3.3-dev before 3.3.8, 3.4-dev before 3.4.3, 3.5-dev before 4.0.2, and 4.1-dev contains multiple out of array access vulnerabilities in the mms protocol that can result in attackers accessing out of bound data. This attack appear to be exploitable via network connectivity.
- LOW
- NETWORK
- HIGH
- UNCHANGED
- NONE
- NONE
- HIGH
- HIGH
CWE-125 - Out-of-Bounds Read
Out-of-bounds read is a vulnerability that allows access to memory beyond the authorized accessible location. Such a vulnerability compromises the confidentiality of the trusted environment in the application and enables an attacker to launch further attacks by leveraging the exposed information.
References
Advisory Timeline
- Published