Published: 07/03/2018 Updated: 15/04/2019

CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6

CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8

VMScore: 605

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

GPAC up to and including 0.7.1 has a Buffer Overflow in the gf_media_avc_read_sps function in media_tools/av_parsers.c, a different vulnerability than CVE-2018-1000100.

Vulnerable Product	Search on Vulmon	Subscribe to Product
gpac gpac
debian debian linux 8.0
canonical ubuntu linux 16.04
canonical ubuntu linux 18.10
canonical ubuntu linux 18.04

GPAC could be made to crash or run programs as your login if it opened a specially crafted file ...

Debian Bug report logs - #902782 CVE-2018-13005 / CVE-2018-13006 Package: src:gpac; Maintainer for src:gpac is Debian Multimedia Maintainers <debian-multimedia@listsdebianorg>; Reported by: Moritz Muehlenhoff <jmm@debianorg> Date: Sat, 30 Jun 2018 20:33:02 UTC Severity: important Tags: fixed-upstream, security, up ...

Debian Bug report logs - #921969 CVE-2018-20760 CVE-2018-20761 CVE-2018-20762 CVE-2018-20763 Package: src:gpac; Maintainer for src:gpac is Debian Multimedia Maintainers <debian-multimedia@listsdebianorg>; Reported by: Moritz Muehlenhoff <jmm@debianorg> Date: Sun, 10 Feb 2019 18:51:01 UTC Severity: grave Tags: fixe ...

Debian Bug report logs - #892526 gpac: CVE-2018-7752: Stack buffer overflow in av_parsersc Package: src:gpac; Maintainer for src:gpac is Debian Multimedia Maintainers <debian-multimedia@listsdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sat, 10 Mar 2018 08:03:02 UTC Severity: grave Tags: ...

CWE-119 https://github.com/gpac/gpac/commit/90dc7f853d31b0a4e9441cba97feccf36d8b69a4 https://github.com/gpac/gpac/issues/997 https://lists.debian.org/debian-lts-announce/2019/02/msg00040.html https://usn.ubuntu.com/3926-1/https://usn.ubuntu.com/3926-1/https://nvd.nist.gov

CVE-2018-7752

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect