NULL Pointer Dereference in ifilter_bank of FAAD2 2.8.8

NULL Pointer Dereference in ifilter_bank of FAAD2 2.8.8

CVE-2018-20362 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:N/A:P

A NULL pointer dereference was discovered in ifilter_bank of libfaad/filtbank.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. The vulnerability causes a segmentation fault and application crash because adding to windowed output is mishandled in the EIGHT_SHORT_SEQUENCE case.

Learn more about our Web Application Penetration Testing UK.