CVE-2019-11372

Priority
Description
An out-of-bounds read in MediaInfoLib::File__Tags_Helper::Synched_Test in
Tag/File__Tags.cpp in MediaInfoLib in MediaArea MediaInfo 18.12 leads to a
crash.
Ubuntu-Description
It was discovered that MediaInfo contained multiple security issues when
handling certain multimedia files. If a user were tricked into opening a
crafted multimedia file, an attacker could cause MediaInfo to crash, resulting
in a denial of service.
Notes
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):needs-triage
Ubuntu 16.04 LTS (Xenial Xerus):needed
Ubuntu 18.04 LTS (Bionic Beaver):released (17.12-1ubuntu0.1)
Ubuntu 20.04 LTS (Focal Fossa):not-affected (18.12-2)
Ubuntu 20.10 (Groovy Gorilla):not-affected (18.12-2)
More Information

Updated: 2020-07-30 18:14:29 UTC (commit a3b70c3d501ce61e535d9cd79ccfb402133b155e)