CVE-2018-1999013

MEDIUM Year: 2018
CVSS v3 Score
6.5
Medium
CVSS v2 Score
4.3
Medium
Weakness Type
CWE-416
View all →

Vulnerability Description

FFmpeg before commit a7e032a277452366771951e29fd0bf2bd5c029f0 contains a use-after-free vulnerability in the realmedia demuxer that can result in vulnerability allows attacker to read heap memory. This attack appear to be exploitable via specially crafted RM file has to be provided as input. This vulnerability appears to have been fixed in a7e032a277452366771951e29fd0bf2bd5c029f0 and later.

Related Vulnerabilities

CVE-2009-2416

MEDIUM
CVSS:6.5(Medium)

Multiple use-after-free vulnerabilities in libxml2 2.5.10, 2.6.16, 2.6.26, 2.6.27, and 2.6.32, and libxml 1.8.17, allow context-dependent attackers to cause a denial of service (application crash) via...

CWE-4162009

CVE-2010-0629

MEDIUM
CVSS:6.5(Medium)

Use-after-free vulnerability in kadmin/server/server_stubs.c in kadmind in MIT Kerberos 5 (aka krb5) 1.5 through 1.6.3 allows remote authenticated users to cause a denial of service (daemon crash) via...

CWE-4162010

CVE-2011-2334

MEDIUM
CVSS:6.5(Medium)

Use after free vulnerability exists in WebKit in Google Chrome before Blink M12 in RenderLayerwhen removing elements with reflections.

CWE-4162011

CVE-2011-2353

MEDIUM
CVSS:6.5(Medium)

Use after free vulnerability in documentloader in WebKit in Google Chrome before Blink M13 in DocumentWriter::replaceDocument function.

CWE-4162011

CVE-2014-9482

MEDIUM
CVSS:6.5(Medium)

Use-after-free vulnerability in dwarfdump in libdwarf 20130126 through 20140805 might allow remote attackers to cause a denial of service (program crash) via a crafted ELF file.

CWE-4162014

CVE-2016-7591

MEDIUM
CVSS:6.5(Medium)

An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the "IOHIDFamily" component. It a...

CWE-4162016