{"id":"CVE-2018-19503","details":"An issue was discovered in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.1. There was a stack-based buffer overflow in the function calculate_gain() in libfaad/sbr_hfadj.c.","modified":"2026-03-20T11:24:13.393194Z","published":"2018-11-23T19:29:00.340Z","references":[{"type":"WEB","url":"https://seclists.org/bugtraq/2019/Sep/28"},{"type":"ADVISORY","url":"https://www.debian.org/security/2019/dsa-4522"},{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/202006-17"},{"type":"EVIDENCE","url":"https://sourceforge.net/p/faac/bugs/240/"},{"type":"EVIDENCE","url":"https://github.com/TeamSeri0us/pocs/tree/master/faad"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/knik0/faad2","events":[{"introduced":"0"},{"last_affected":"6c2b587f9d120e591fca74dee60b3f320f1c6099"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"2.8.1"}]}}],"versions":["2_8_0","2_8_1","FAAD2_2_5","FAAD2_2_7","FAAD2_2_7_1","arelease","ver_2_0"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2018-19503.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}]}