Out-of-bounds Read Vulnerability in MediaInfo by MediaArea
CVE-2019-11373

6.5MEDIUM

Key Information:

Vendor

Mediaarea

Status
Mediainfo
Vendor
CVE Published:
20 April 2019

What is CVE-2019-11373?

An out-of-bounds read in the Get_L8 function of File__Analyze class within MediaInfoLib can lead to unexpected behavior, including application crashes. This issue arises from improper handling of data, allowing unauthorized access to memory locations, which could potentially compromise application stability. Users are advised to update to the latest version of MediaInfo to mitigate this risk.

References

https://github.com/MediaArea/MediaInfoLib/pull/1111
x_refsource_MISC
https://sourceforge.net/p/mediainfo/bugs/1101/
x_refsource_MISC
https://lists.fedoraproject.org/archives/list/package-ann...
vendor-advisoryx_refsource_FEDORA

CVSS V3.1

Score:
6.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.