In libwebm before 2019-03-08, a NULL pointer dereference caused by the functions OutputCluster and OutputTracks in webm_info.cc will trigger an abort, which allows a DoS attack, a similar issue to CVE-2018-19212.
References
Link | Resource |
---|---|
https://chromium.googlesource.com/webm/libwebm/+/2427abe0bde234987ed005a3adca461e9a85dfb7 | Mailing List Patch Third Party Advisory |
https://bugs.chromium.org/p/webm/issues/detail?id=1605 | Permissions Required Third Party Advisory |
Configurations
Information
Published : 2019-03-13 09:29
Updated : 2019-03-14 04:51
NVD link : CVE-2019-9746
Mitre link : CVE-2019-9746
JSON object : View
CWE
CWE-476
NULL Pointer Dereference
Products Affected
webmproject
- libwebm