Описание
In MP4v2 2.0.0, there is an integer underflow (with resultant memory corruption) when parsing MP4Atom in mp4atom.cpp.
In MP4v2 2.0.0, there is an integer underflow (with resultant memory corruption) when parsing MP4Atom in mp4atom.cpp.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2018-14325
- https://github.com/enzo1982/mp4v2/releases/tag/v2.1.0
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6YCHVOYPIBGM5HYUMQ77KZH2IHSITKVE
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FRSO2IMK6P7MOIZWGWKONPIEHKBA7WL3
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GISUIWPKBWPXORUFNWBGFTKQS7UUVUC4
- http://www.openwall.com/lists/oss-security/2018/07/16/1
Связанные уязвимости
CVSS3: 8.8
ubuntu
больше 7 лет назад
In MP4v2 2.0.0, there is an integer underflow (with resultant memory corruption) when parsing MP4Atom in mp4atom.cpp.
CVSS3: 8.8
nvd
больше 7 лет назад
In MP4v2 2.0.0, there is an integer underflow (with resultant memory corruption) when parsing MP4Atom in mp4atom.cpp.
CVSS3: 8.8
debian
больше 7 лет назад
In MP4v2 2.0.0, there is an integer underflow (with resultant memory c ...