CVE-2018-14379 -- mp4v2ID: oval:org.secpod.oval:def:2000605 | Date: (C)2019-06-07 (M)2023-11-13 |
Class: VULNERABILITY | Family: unix |
MP4Atom::factory in mp4atom.cpp in MP4v2 2.0.0 incorrectly uses the MP4ItemAtom data type in a certain case where MP4DataAtom is required, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted MP4 file, because access to the data structure has different expectations about layout as a result of this type confusion.
Platform: |
Debian 8.x |
Debian 9.x |