CVE-2018-14545

2018-07-2308:29:00

Google

osv.dev

6.5 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

23.4%

JSON

There exists one invalid memory read bug in AP4_SampleDescription::GetType() in Ap4SampleDescription.h in Bento4 1.5.1-624, which can allow attackers to cause a denial-of-service via a crafted mp4 file. This vulnerability can be triggered by the executable mp42ts.

CPENameOperatorVersion
bento4eq1.4.3-600
bento4eq1.4.2-586
bento4eq1.4.2-590
bento4eq1.4.3-608
bento4eq1.5.0-619
bento4eq1.4.3-598
bento4eq1.4.2-589
bento4eq1.5.0-616
bento4eq1.5.0-610
bento4eq1.4.3-595

Name	Operator	Version
bento4	eq	1.4.3-600
bento4	eq	1.4.2-586
bento4	eq	1.4.2-590
bento4	eq	1.4.3-608
bento4	eq	1.5.0-619
bento4	eq	1.4.3-598
bento4	eq	1.4.2-589
bento4	eq	1.5.0-616
bento4	eq	1.5.0-610
bento4	eq	1.4.3-595