CVE-2019-9721

Published: Mar 12, 2019

Modified: Aug 4, 2024

PUBLISHED

Description

A denial of service in the subtitle decoder in FFmpeg 3.2 and 4.1 allows attackers to hog the CPU via a crafted video file in Matroska format, because handle_open_brace in libavcodec/htmlsubtitles.c has a complex format argument to sscanf.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

107384

vdb-entry

x_refsource_BID

https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/894995c41e0795c7a44f81adc4838dedc3932e65

x_refsource_MISC

USN-3967-1

vendor-advisory

x_refsource_UBUNTU

https://github.com/FFmpeg/FFmpeg/commit/273f2755ce8635d42da3cde0eeba15b2e7842774

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2019-9721

Description

Affected Products

References