cpe:/a:audiocoding:freeware_advanced_audio_decoder_2:2.8.8 CVE-2018-20362 2018-12-22T10:29:00.730-05:00 2019-05-19T12:29:00.680-04:00 4.3 NETWORK MEDIUM NONE NONE NONE PARTIAL http://nvd.nist.gov BUGTRAQ 20190916 [SECURITY] [DSA 4522-1] faad2 security update DEBIAN DSA-4522 MLIST [debian-lts-announce] 20190519 [SECURITY] [DLA 1791-1] faad2 security update MISC https://github.com/knik0/faad2/issues/26 A NULL pointer dereference was discovered in ifilter_bank of libfaad/filtbank.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. The vulnerability causes a segmentation fault and application crash because adding to windowed output is mishandled in the EIGHT_SHORT_SEQUENCE case.