Описание
In MP4v2 2.0.0, there is an integer overflow (with resultant memory corruption) when resizing MP4Array for the ftyp atom in mp4array.h.
In MP4v2 2.0.0, there is an integer overflow (with resultant memory corruption) when resizing MP4Array for the ftyp atom in mp4array.h.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2018-14326
- https://github.com/enzo1982/mp4v2/releases/tag/v2.1.0
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6YCHVOYPIBGM5HYUMQ77KZH2IHSITKVE
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FRSO2IMK6P7MOIZWGWKONPIEHKBA7WL3
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GISUIWPKBWPXORUFNWBGFTKQS7UUVUC4
- http://www.openwall.com/lists/oss-security/2018/07/16/1
Связанные уязвимости
CVSS3: 8.8
ubuntu
больше 7 лет назад
In MP4v2 2.0.0, there is an integer overflow (with resultant memory corruption) when resizing MP4Array for the ftyp atom in mp4array.h.
CVSS3: 8.8
nvd
больше 7 лет назад
In MP4v2 2.0.0, there is an integer overflow (with resultant memory corruption) when resizing MP4Array for the ftyp atom in mp4array.h.
CVSS3: 8.8
debian
больше 7 лет назад
In MP4v2 2.0.0, there is an integer overflow (with resultant memory co ...