CVE-2018-9349

In mv_err_cost of mcomp.c there is a possible out of bounds read due to missing bounds check. This could lead to denial of service with no additional execution privileges needed. User interaction is needed for exploitation. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt