exploitDog

GHSA-5jqw-6wf2-9j7g

Опубликовано: 17 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 7.8

Описание

DeleteBitBuffer in libbitbuf/bitbuffer.c in mp4tools aacplusenc 0.17.5 allows remote attackers to cause a denial of service (invalid memory write, SEGV on unknown address 0x000000000030, and application crash) or possibly have unspecified other impact via a crafted .wav file, aka a NULL pointer dereference.

DeleteBitBuffer in libbitbuf/bitbuffer.c in mp4tools aacplusenc 0.17.5 allows remote attackers to cause a denial of service (invalid memory write, SEGV on unknown address 0x000000000030, and application crash) or possibly have unspecified other impact via a crafted .wav file, aka a NULL pointer dereference.

Ссылки

EPSS

Процентиль: 47%

0.00241

Низкий

7.8 High

CVSS3

CVE ID

Дефекты

CWE-476

Связанные уязвимости

CVE-2017-14181

CVSS3: 7.8

nvd

больше 8 лет назад

DeleteBitBuffer in libbitbuf/bitbuffer.c in mp4tools aacplusenc 0.17.5 allows remote attackers to cause a denial of service (invalid memory write, SEGV on unknown address 0x000000000030, and application crash) or possibly have unspecified other impact via a crafted .wav file, aka a NULL pointer dereference.

EPSS

Процентиль: 47%

0.00241

Низкий

7.8 High

CVSS3

CVE ID

Дефекты

CWE-476