Libav · Libav · CVE-2016-7393
**Name of the Vulnerable Software and Affected Versions**
Libav versions prior to 11.5
**Description**
The issue is a stack-based buffer overflow in the `aac sync` function, located in `aac parser.c`, which can be triggered by a crafted file. This can cause a denial of service due to an out-of-bounds read.
**Recommendations**
For versions prior to 11.5, update to version 11.5 or later to resolve the issue.