oval:org.secpod.oval:def:2000602
The MP4Atom class in mp4atom.cpp in MP4v2 through 2.0.0 mishandles Entry Number validation for the MP4 Table Property, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted mp4 file.

oval:org.secpod.oval:def:603740
libmp4v2-dev is installed

oval:org.secpod.oval:def:2000003
The function MP4Free in mp4property.cpp in libmp4v2 2.1.0 internally calls free on an invalid pointer, raising a SIGABRT signal.

oval:org.secpod.oval:def:2000145
The function mp4v2::impl::MP4Track::FinishSdtp in mp4track.cpp in libmp4v2 2.1.0 mishandles compatibleBrand while processing a crafted mp4 file, which leads to a heap-based buffer over-read, causing denial of service.

oval:org.secpod.oval:def:2001259
MP4Integer32Property::Read in atom_avcC.cpp in MP4v2 2.1.0 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted MP4 file.

oval:org.secpod.oval:def:2000263
MP4NameFirstMatches in mp4util.cpp in MP4v2 2.0.0 mishandles substrings of atom names, leading to use of an inappropriate data type for associated atoms. The resulting type confusion can cause out-of-bounds memory access.

oval:org.secpod.oval:def:2000605
MP4Atom::factory in mp4atom.cpp in MP4v2 2.0.0 incorrectly uses the MP4ItemAtom data type in a certain case where MP4DataAtom is required, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted MP4 file, because access to the data structur ...

oval:org.secpod.oval:def:2000684
In MP4v2 2.0.0, there is an integer underflow when parsing MP4Atom in mp4atom.cpp.

oval:org.secpod.oval:def:2001469
In MP4v2 2.0.0, there is an integer overflow when resizing MP4Array for the ftyp atom in mp4array.h.

oval:org.secpod.oval:def:2000903
A double free exists in the MP4StringProperty class in mp4property.cpp in MP4v2 2.0.0. A dangling pointer is freed again in the destructor once an exception is triggered.