CVE-2020-24994

Stack overflow in the parse_tag function in libass/ass_parse.c in libass before 0.15.0 allows remote attackers to cause a denial of service or remote code execution via a crafted file.

Link	Resource
https://github.com/libass/libass/issues/422	Patch Third Party Advisory
https://github.com/libass/libass/issues/423	Third Party Advisory
https://github.com/libass/libass/issues/422#issuecomment-806002919	Issue Tracking Patch
https://github.com/libass/libass/commit/6835731c2fe4164a0c50bc91d12c43b2a2b4e	Patch Third Party Advisory

Configuration 1

cpe:2.3:a:libass_project:libass:*:*:*:*:*:*:*:*

---

Published : 2021-03-23 08:15

Updated : 2022-07-22 01:19

---

NVD link : CVE-2020-24994

Mitre link : CVE-2020-24994

No products.

CWE-770