363 matches found
Advisory ROSA-SA-2025-2639
software: faad2 2.11.1 OS: ROSA-CHROME packageevrstring: faad2-2.11.1-1 CVE-ID: CVE-2023-38858 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: Buffer overflow vulnerability in infaad2 allows a remote attacker to execute arbitrary code via the mp4info function. CVE-STATUS: The vulnerability has been...
Synology DiskStation FAAD2 Decoder Out-of-bounds Write (CVE-2021-26567)
Stack-based buffer overflow vulnerability in frontend/main.c in faad2 before 2.2.7.1 allow local attackers to execute arbitrary code via filename and pathname options. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...
Advisory ROSA-SA-2024-2417
Software: faad2 2.8.8 OS: ROSA Virtualization 2.1 packageevrstring: faad2-2.8.8-6.0.1.rv3 CVE-ID: CVE-2021-32272 BDU-ID: 2022-01810 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the stszin function of the mp4read.c component of the Freeware Advanced Audio Decoder 2 FAAD2 audio decoder is related t...
FAAD2: Multiple Vulnerabilities
Background FAAD2 is an open source MPEG-4 and MPEG-2 AAC decoder. Description Multiple vulnerabilities have been discovered in FAAD2. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known...
GLSA-202401-13 : FAAD2: Multiple Vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202401-13 FAAD2: Multiple Vulnerabilities - Buffer Overflow vulnerability infaad2 v.2.10.1 allows a remote attacker to execute arbitrary code and cause a denial of service via the stcoin function in mp4read.c. CVE-2023-38857 -...
Denial Of Service (DoS)
faad2 is vulnerable to Denial Of Service DoS. The vulnerability exists due to the buffer overflow in the stcoin function of mp4read.c, allowing an attacker to inject and execute malicious code and cause application crash...
Ubuntu: Security Advisory (USN-6313-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-6313-1 faad2 vulnerabilities
It was discovered that FAAD2 incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to execute arbitrary code. CVE-2021-32272, CVE-2021-32273, CVE-2021-32274, CVE-2021-32277,...
USN-6313-1: FAAD2 vulnerabilities
It was discovered that FAAD2 incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to execute arbitrary code. CVE-2021-32272, CVE-2021-32273, CVE-2021-32274, CVE-2021-32277,...
Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS : FAAD2 vulnerabilities (USN-6313-1)
The remote Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6313-1 advisory. It was discovered that FAAD2 incorrectly handled certain inputs. If a user or an automated system were tricked into opening a...
Faad2 Buffer Overflow Vulnerability
Faad2 is a freeware advanced audio Aac decoder. It is used for Sbr decoding. Faad2 suffers from a buffer overflow vulnerability due to incorrect bounds checking in the stcoin function in mp4read.c. This vulnerability can be exploited to execute arbitrary code in the context of the current process...
Faad2 buffer overflow vulnerability (CNVD-2026-15394)
Faad2 is a freeware advanced audio Aac decoder. It is used for Sbr decoding. Faad2 suffers from a buffer overflow vulnerability that originates from a boundary error when the application processes untrusted input. An attacker could exploit this vulnerability to execute arbitrary code and cause a...
CVE-2023-38858
Buffer Overflow vulnerability infaad2 v.2.10.1 allows a remote attacker to execute arbitrary code and cause a denial of service via the mp4info function in mp4read.c:1039...
CVE-2023-38857
Buffer Overflow vulnerability infaad2 v.2.10.1 allows a remote attacker to execute arbitrary code and cause a denial of service via the stcoin function in mp4read.c...
UBUNTU-CVE-2023-38858
Buffer Overflow vulnerability infaad2 v.2.10.1 allows a remote attacker to execute arbitrary code and cause a denial of service via the mp4info function in mp4read.c:1039...
Faad2 Buffer Error Vulnerability
Faad2 is a freeware Advanced Audio Aac decoder. It is used for Sbr decoding. A security vulnerability exists in Faad2 version v.2.10.1, which stems from the presence of a buffer overflow vulnerability that could allow a remote attacker to execute arbitrary code and cause a denial of service...
CVE-2023-38858
Buffer Overflow vulnerability infaad2 v.2.10.1 allows a remote attacker to execute arbitrary code and cause a denial of service via the mp4info function in mp4read.c:1039...
PT-2023-26638 · Faad2 +3 · Faad2 +3
Name of the Vulnerable Software and Affected Versions: faad2 version 2.10.1 Description: The issue allows a remote attacker to execute arbitrary code and cause a denial of service via the stcoin function in mp4read.c. Recommendations: For faad2 version 2.10.1, consider disabling the stcoin functi...
PT-2023-26639 · Faad2 +3 · Faad2 +3
Name of the Vulnerable Software and Affected Versions: faad2 version 2.10.1 Description: A Buffer Overflow issue allows a remote attacker to execute arbitrary code and cause a denial of service via the mp4info function in mp4read.c at line 1039. Recommendations: For faad2 version 2.10.1, consider...
Debian DSA-5109-1 : faad2 - security update
The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5109 advisory. - There is a stack-based buffer overflow in the third instance of the calculategain function in libfaad/sbrhfadj.c in Freeware Advanced Audio Decoder 2 FAAD2 2.8....