CVE Vulnerabilities

CVE-2018-14394

Divide By Zero

Published: Jul 19, 2018 | Modified: Nov 21, 2024
CVSS 3.x
6.5
MEDIUM
Source:
NVD
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVSS 2.x
4.3 MEDIUM
AV:N/AC:M/Au:N/C:N/I:N/A:P
RedHat/V2
RedHat/V3
Ubuntu
LOW

libavformat/movenc.c in FFmpeg before 4.0.2 allows attackers to cause a denial of service (application crash caused by a divide-by-zero error) with a user crafted Waveform audio file.

Weakness

The product divides a value by zero.

Affected Software

Name Vendor Start Version End Version
Ffmpeg Ffmpeg * 4.0.2 (excluding)
Ffmpeg Ubuntu artful *
Ffmpeg Ubuntu bionic *
Ffmpeg Ubuntu cosmic *
Ffmpeg Ubuntu devel *
Ffmpeg Ubuntu disco *
Ffmpeg Ubuntu focal *
Ffmpeg Ubuntu jammy *
Ffmpeg Ubuntu kinetic *
Ffmpeg Ubuntu lunar *
Ffmpeg Ubuntu mantic *
Ffmpeg Ubuntu noble *
Ffmpeg Ubuntu oracular *
Ffmpeg Ubuntu upstream *
Ffmpeg Ubuntu xenial *
Libav Ubuntu esm-infra-legacy/trusty *
Libav Ubuntu trusty *
Libav Ubuntu trusty/esm *

References