MGASA-2019-0146

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2019-0146.html

Import Source

https://advisories.mageia.org/MGASA-2019-0146.json

JSON Data

https://api.test.osv.dev/v1/vulns/MGASA-2019-0146

Related

CVE-2018-1000100
CVE-2018-13005
CVE-2018-13006
CVE-2018-20760
CVE-2018-20761
CVE-2018-20762
CVE-2018-20763
CVE-2018-7752

Published

2019-04-10T22:07:23Z

Modified

2019-04-10T21:36:14Z

Summary

Updated gpac packages fix security vulnerability

Details

It was discovered that the GPAC MP4Box utility incorrectly handled certain memory operations. If an user or automated system were tricked into opening a specially crafted MP4 file, a remote attacker could use this issue to cause MP4Box to crash, resulting in a denial of service, or possibly execute arbitrary code (CVE-2018-7752, CVE-2018-13005, CVE-2018-13006, CVE-2018-20760, CVE-2018-20761, CVE-2018-20762, CVE-2018-20763, CVE-2018-1000100).

References

https://advisories.mageia.org/MGASA-2019-0146.html
https://bugs.mageia.org/show_bug.cgi?id=24601
https://usn.ubuntu.com/3926-1/

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

MGASA-2019-0146

Affected packages