CVE-2018-6406
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
The function ParseVP9SuperFrameIndex in common/libwebm_util.cc in libwebm through 2018-01-30 does not validate the child_frame_length data obtained from a .webm file, which allows remote attackers to cause an information leak or a denial of service (heap-based buffer over-read and later out-of-bounds write), or possibly have unspecified other impact.
La función ParseVP9SuperFrameIndex en common/libwebm_util.cc en libwebm, hasta la versión 2018-01-30, no valida los datos child_frame_length obtenidos de un archivo .webm. Esto permite que atacantes remotos provoquen una fuga de información o una denegación de servicio (sobrelectura de búfer basada en memoria dinámica o heap y escritura fuera de límites posterior) o que puedan provocar otro tipo de impacto sin especificar.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2018-01-30 CVE Reserved
- 2018-01-30 CVE Published
- 2024-09-17 CVE Updated
- 2024-09-17 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-125: Out-of-bounds Read
CAPEC
References (1)
| URL | Tag | Source |
|---|---|---|
| https://github.com/dwfault/PoCs/blob/master/libwebm%20ParseVP9SuperFrameIndex%20memory%20corruption/libwebm%20ParseVP9SuperFrameIndex%20OOB%20read.md | Broken Link |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Webmproject Search vendor "Webmproject" | Libwebm Search vendor "Webmproject" for product "Libwebm" | <= 2018-01-30 Search vendor "Webmproject" for product "Libwebm" and version " <= 2018-01-30" | - |
Affected
| ||||||