Published: 20/04/2019 Updated: 07/11/2023

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

It exists that MediaInfo contained multiple security issues when handling certain multimedia files. If a user were tricked into opening a crafted multimedia file, an attacker could cause MediaInfo to crash, resulting in a denial of service.

Vulnerable Product	Search on Vulmon	Subscribe to Product
mediaarea mediainfo 18.12
fedoraproject fedora 28
fedoraproject fedora 29
fedoraproject fedora 30

Debian Bug report logs - #927672 CVE-2019-11372 CVE-2019-11373 Package: src:libmediainfo; Maintainer for src:libmediainfo is Chow Loong Jin <hyperair@debianorg>; Reported by: Moritz Muehlenhoff <jmm@debianorg> Date: Sat, 20 Apr 2019 22:03:02 UTC Severity: important Tags: fixed-upstream, security, upstream Fixed in ...

MediaInfo could be made to crash if it opened a specially crafted file ...

CWE-125 https://sourceforge.net/p/mediainfo/bugs/1101/https://github.com/MediaArea/MediaInfoLib/pull/1111 https://usn.ubuntu.com/3988-1/http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00069.html http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00083.html http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00028.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BYKBAXS35KFMU4YLO37VGDIKHEL5HSPO/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/B752JY7TABWSVYHFATD37XDD6PVIO5C6/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BC4Z4BGGMSSVTRKVD3OCW4JLH3K2ZNGP/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XYF5I42OBJR7HKJD2OFS6LP26I52IT3M/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XOA4AWTRLWVQBZZAKXXQHP7M2NK6CB3Z/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NJYASICJ2VUUNGHDBB62FGYQN2SNITM5/https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=927672 https://usn.ubuntu.com/3988-1/https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2019-11372

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect