Vulnerabilities > CVE-2018-19212 - Always-Incorrect Control Flow Implementation vulnerability in Webmproject Libwebm

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

NVD

Published: 2018-11-12

Updated: 2020-08-24

Summary

In libwebm through 2018-10-03, there is an abort caused by libwebm::Webm2Pes::InitWebmParser() that will lead to a DoS attack.

Part	Description	Count
Application	Webmproject Webmproject Libwebm 1.0.0.2 Webmproject Libwebm 1.0.0.3 Webmproject Libwebm 1.0.0.4 Webmproject Libwebm 1.0.0.5 Webmproject Libwebm 1.0.0.6 Webmproject Libwebm 1.0.0.7 Webmproject Libwebm 1.0.0.8 Webmproject Libwebm 1.0.0.9 Webmproject Libwebm 1.0.0.10 Webmproject Libwebm 1.0.0.11 Webmproject Libwebm 1.0.0.12 Webmproject Libwebm 1.0.0.13 Webmproject Libwebm 1.0.0.14 Webmproject Libwebm 1.0.0.15 Webmproject Libwebm 1.0.0.16 Webmproject Libwebm 1.0.0.17 Webmproject Libwebm 1.0.0.18 Webmproject Libwebm 1.0.0.19 Webmproject Libwebm 1.0.0.20 Webmproject Libwebm 1.0.0.21 Webmproject Libwebm 1.0.0.22 Webmproject Libwebm 1.0.0.23 Webmproject Libwebm 1.0.0.24 Webmproject Libwebm 1.0.0.25 Webmproject Libwebm 1.0.0.26 Webmproject Libwebm 1.0.0.27	26