Oval Definition:	oval:com.ubuntu.xenial:def:201813305000
Revision Date: 2018-07-05 Version: 1 Title: CVE-2018-13305 on Ubuntu 16.04 LTS (xenial) - medium. Description: In FFmpeg 4.0.1, due to a missing check for negative values of the mquant variable, the vc1_put_blocks_clamped function in libavcodec/vc1_block.c may trigger an out-of-array access while converting a crafted AVI file to MPEG4, leading to an information disclosure or a denial of service. Family: unix Class: vulnerability Status: Reference(s): CVE-2018-13305 Platform(s): Ubuntu 16.04 LTS Product(s): Definition Synopsis Ubuntu 16.04 LTS (xenial) is installed. AND Package Information While related to the CVE in some way, a decision has been made to ignore it. OR NOT While related to the CVE in some way, the 'ffmpeg' package in xenial is not affected (note: 'code not present'). OR The vulnerability of the 'gst-libav1.0' package in xenial is not known (status: 'needs-triage'). It is pending evaluation. OR The vulnerability of the 'mythtv' package in xenial is not known (status: 'needs-triage'). It is pending evaluation. OR While related to the CVE in some way, a decision has been made to ignore it (note: 'Ubuntu touch end-of-life'). OR NOT While related to the CVE in some way, the 'vlc' package in xenial is not affected (note: 'code not present').
BACK