RSS   Podatności dla 'Mp4v2'   RSS

2018-09-20
 
CVE-2018-17236

CWE-416
 

 
The function MP4Free() in mp4property.cpp in libmp4v2 2.1.0 internally calls free() on a invalid pointer, raising a SIGABRT signal.

 
 
CVE-2018-17235

CWE-125
 

 
The function mp4v2::impl::MP4Track::FinishSdtp() in mp4track.cpp in libmp4v2 2.1.0 mishandles compatibleBrand while processing a crafted mp4 file, which leads to a heap-based buffer over-read, causing denial of service.

 
2018-02-23
 
CVE-2018-7339

CWE-119
 

 
The MP4Atom class in mp4atom.cpp in MP4v2 through 2.0.0 mishandles Entry Number validation for the MP4 Table Property, which allows remote attackers to cause a denial of service (overflow, insufficient memory allocation, and segmentation fault) or possibly have unspecified other impact via a crafted mp4 file.

 


Copyright 2024, cxsecurity.com

 

Back to Top