Vulnerability Name: | CVE-2018-19502 (CCN-153248) | ||||||||||||||||||||||||||||||||||||
Assigned: | 2018-11-22 | ||||||||||||||||||||||||||||||||||||
Published: | 2018-11-22 | ||||||||||||||||||||||||||||||||||||
Updated: | 2020-08-24 | ||||||||||||||||||||||||||||||||||||
Summary: | An issue was discovered in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.1. There was a heap-based buffer overflow in the function excluded_channels() in libfaad/syntax.c. | ||||||||||||||||||||||||||||||||||||
CVSS v3 Severity: | 7.8 High (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) 6.9 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:U/RC:R)
6.9 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:U/RC:R)
| ||||||||||||||||||||||||||||||||||||
CVSS v2 Severity: | 6.8 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
| ||||||||||||||||||||||||||||||||||||
Vulnerability Type: | CWE-787 | ||||||||||||||||||||||||||||||||||||
Vulnerability Consequences: | Gain Access | ||||||||||||||||||||||||||||||||||||
References: | Source: MITRE Type: CNA CVE-2018-19502 Source: XF Type: UNKNOWN faad2-cve201819502-bo(153248) Source: CCN Type: GitHub Web site Freeware Advanced Audio Decoder 2 (FAAD2) Source: MISC Type: Exploit, Third Party Advisory https://github.com/TeamSeri0us/pocs/tree/master/faad Source: MLIST Type: UNKNOWN [debian-lts-announce] 20190828 [SECURITY] [DLA 1899-1] faad2 security update Source: BUGTRAQ Type: UNKNOWN 20190916 [SECURITY] [DSA 4522-1] faad2 security update Source: GENTOO Type: UNKNOWN GLSA-202006-17 Source: MISC Type: Exploit, Third Party Advisory https://sourceforge.net/p/faac/bugs/240/ Source: CCN Type: SourceForge Freeware Advanced Audio Codec Project Web site Freeware Advanced Audio Codec Source: DEBIAN Type: UNKNOWN DSA-4522 Source: CCN Type: WhiteSource Vulnerability Database CVE-2018-19502 | ||||||||||||||||||||||||||||||||||||
Vulnerable Configuration: | Configuration 1: Configuration CCN 1: Denotes that component is vulnerable | ||||||||||||||||||||||||||||||||||||
Oval Definitions | |||||||||||||||||||||||||||||||||||||
| |||||||||||||||||||||||||||||||||||||
BACK |