CVE-2018-13300

EPSS 0.66% · P71 Updated Feb 21, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2018-13300

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

In FFmpeg 3.2 and 4.0.1, an improper argument (AVCodecParameters) passed to the avpriv_request_sample function in the handle_eac3 function in libavformat/movenc.c may trigger an out-of-array read while converting a crafted AVI file to MPEG4, leading to a denial of service and possibly an information disclosure.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

FFmpeg 缓冲区错误漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

FFmpeg是FFmpeg（Ffmpeg）团队的一套可录制、转换以及流化音视频的完整解决方案。 FFmpeg 4.0.1版本中的libavformat/movenc.c文件的‘handle_eac3’函数存在缓冲区错误漏洞，该漏洞该源于不正确的参数（AVCodecParameters）被传入到‘avpriv_request_sample’函数中。攻击者可借助特制的AVI文件利用该漏洞造成拒绝服务或泄露信息（数组越界读取）。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2018-13300

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2018-13300

请登录查看更多情报信息。

https://github.com/FFmpeg/FFmpeg/commit/e6d3fd942f772f54ab6a5ca619cdaadef26b7702x_refsource_MISC
https://github.com/FFmpeg/FFmpeg/commit/95556e27e2c1d56d9e18f5db34d6f756f3011148x_refsource_MISC
http://www.securityfocus.com/bid/104675vdb-entryx_refsource_BID
https://www.debian.org/security/2018/dsa-4249vendor-advisoryx_refsource_DEBIAN
https://nvd.nist.gov/vuln/detail/CVE-2018-13300

Same Patch Batch · n/a · 2018-07-05 · 118 CVEs total

CVE-2018-13223		R Time Token v3 数字错误漏洞
CVE-2018-13301		FFmpeg 安全漏洞
CVE-2018-13252		Entrust Datacard Syntera CS 跨站脚本漏洞
CVE-2018-13251		libming 安全漏洞
CVE-2018-13250		libming 安全漏洞
CVE-2018-13233		GSI 数字错误漏洞
CVE-2018-13232		ENTER 数字错误漏洞
CVE-2018-13231		ENTER 数字错误漏洞
CVE-2018-13230		DestiNeed 数字错误漏洞
CVE-2018-13229		RiptideCoin 数字错误漏洞
CVE-2018-13228		Crowdnext 数字错误漏洞
CVE-2018-13227		MoneyChainNet 数字错误漏洞
CVE-2018-13226		YLCToken 数字错误漏洞
CVE-2018-13225		MyYLC 数字错误漏洞
CVE-2018-13224		Virtual Energy Units 数字错误漏洞
CVE-2018-13212		EthereumLegit 数字错误漏洞
CVE-2018-13215		STK 数字错误漏洞
CVE-2018-13214		GMile 数字错误漏洞
CVE-2018-13213		TravelCoin 数字错误漏洞
CVE-2018-13210		Providence Crypto Casino 数字错误漏洞

Showing top 20 of 118 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2018-13300

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2018-13300

I. Basic Information for CVE-2018-13300

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2018-13300

III. Intelligence Information for CVE-2018-13300

Same Patch Batch · n/a · 2018-07-05 · 118 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2018-13300

Leave a comment