Invalid memcpy in av_packet_ref function leads to denial of service vulnerability in Libav through 12.2

Invalid memcpy in av_packet_ref function leads to denial of service vulnerability in Libav through 12.2

CVE-2018-5766 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

In Libav through 12.2, there is an invalid memcpy in the av_packet_ref function of libavcodec/avpacket.c. Remote attackers could leverage this vulnerability to cause a denial of service (segmentation fault) via a crafted avi file.

Learn more about our Web Application Penetration Testing UK.