CVE-2019-9719

Name of the Vulnerable Software and Affected Versions Libav version 12.3

Description A stack-based buffer overflow issue exists in the subtitle decoder of Libav, potentially allowing attackers to corrupt the stack via a crafted video file in Matroska format. This issue arises from the misuse of snprintf in the srt to ass function within libavcodec/srtdec.c. However, it is noted that some third parties dispute the existence of this issue, citing a lack of evidence and the basis being a generic warning from static code analysis.

Recommendations For Libav version 12.3, at the moment, there is no information about a newer version that contains a fix for this issue.