Описание
Integer underflow in the Huffman decoding functionality (pvmp3_huffman_parsing.cpp) in OpenCORE 2.0 and earlier allows remote attackers to cause a denial of service (process crash) and possibly execute arbitrary code via a crafted MP3 file that triggers heap corruption.
Ссылки
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:android:opencore:2.0:*:*:*:*:*:*:*
EPSS
Процентиль: 84%
0.02138
Низкий
6.8 Medium
CVSS2
Дефекты
CWE-189
Связанные уязвимости
github
почти 4 года назад
Integer underflow in the Huffman decoding functionality (pvmp3_huffman_parsing.cpp) in OpenCORE 2.0 and earlier allows remote attackers to cause a denial of service (process crash) and possibly execute arbitrary code via a crafted MP3 file that triggers heap corruption.
EPSS
Процентиль: 84%
0.02138
Низкий
6.8 Medium
CVSS2
Дефекты
CWE-189