Floating Point Exception Vulnerability in Libav 12.3 Leads to Remote Denial of Service

Floating Point Exception Vulnerability in Libav 12.3 Leads to Remote Denial of Service

CVE-2018-20001 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:N/A:P

In Libav 12.3, there is a floating point exception in the range_decode_culshift function (called from range_decode_bits) in libavcodec/apedec.c that will lead to remote denial of service via crafted input.

Learn more about our Web Application Penetration Testing UK.