Invalid Memory Address Dereference in huffcode function leads to Denial of Service in FAAC 1.29.9.2

Invalid Memory Address Dereference in huffcode function leads to Denial of Service in FAAC 1.29.9.2

CVE-2018-19888 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:N/A:P

An invalid memory address dereference was discovered in the huffcode function (libfaac/huff2.c) in Freeware Advanced Audio Coder (FAAC) 1.29.9.2. The vulnerability causes a segmentation fault and application crash, which leads to denial of service in the HCB_ESC case.

Learn more about our Web Application Penetration Testing UK.