Oval Definition:	oval:com.ubuntu.xenial:def:20181999011000
Revision Date: 2018-07-23 Version: 1 Title: CVE-2018-1999011 on Ubuntu 16.04 LTS (xenial) - medium. Description: FFmpeg before commit 2b46ebdbff1d8dec7a3d8ea280a612b91a582869 contains a Buffer Overflow vulnerability in asf_o format demuxer that can result in heap-buffer-overflow that may result in remote code execution. This attack appears to be exploitable via specially crafted ASF file that has to be provided as input to FFmpeg. This vulnerability appears to have been fixed in 2b46ebdbff1d8dec7a3d8ea280a612b91a582869 and later. Family: unix Class: vulnerability Status: Reference(s): CVE-2018-1999011 Platform(s): Ubuntu 16.04 LTS Product(s): Definition Synopsis Ubuntu 16.04 LTS (xenial) is installed. AND Package Information While related to the CVE in some way, a decision has been made to ignore it. OR The 'ffmpeg' package in xenial is affected and needs fixing. OR The vulnerability of the 'gst-libav1.0' package in xenial is not known (status: 'needs-triage'). It is pending evaluation. OR While related to the CVE in some way, a decision has been made to ignore it (note: 'Ubuntu touch end-of-life'). OR NOT While related to the CVE in some way, the 'vlc' package in xenial is not affected (note: 'code not present').
BACK