CVE-2018-6406

HIGH

Webmproject Libwebm < 2018-01-30 - Out-of-Bounds Read

Title source: rule

Description

The function ParseVP9SuperFrameIndex in common/libwebm_util.cc in libwebm through 2018-01-30 does not validate the child_frame_length data obtained from a .webm file, which allows remote attackers to cause an information leak or a denial of service (heap-based buffer over-read and later out-of-bounds write), or possibly have unspecified other impact.

References (2)

Core 2

Core References

Permissions Required x_refsource_misc

https://bugs.chromium.org/p/webm/issues/detail?id=1492

Broken Link x_refsource_misc

https://github.com/dwfault/PoCs/blob/master/libwebm%20ParseVP9SuperFrameIndex%20memory%20corruption/libwebm%20ParseVP9SuperFrameIndex%20OOB%20read.md

Scores

CVSS v3 8.8

EPSS 0.0045

EPSS Percentile 63.7%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CWE

CWE-125

Status published

Products (1)

webmproject/libwebm < 2018-01-30

Published Jan 30, 2018

Tracked Since Feb 18, 2026