EUVD-2018-6247

Malware in sbrugna...

EUVD-2018-19071

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2018-14325

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In MP4v2 2.0.0, there is an integer underflow with resultant memory corruption when parsing MP4Atom in mp4atom.cpp. CVE-2018-14325 Note that Nessus relies on th...

SUSE CVE-2018-14325

In MP4v2 2.0.0, there is an integer underflow with resultant memory corruption when parsing MP4Atom in mp4atom.cpp...

CVE-2018-14379

MP4Atom::factory in mp4atom.cpp in MP4v2 2.0.0 incorrectly uses the MP4ItemAtom data type in a certain case where MP4DataAtom is required, which allows remote attackers to cause a denial of service memory corruption or possibly have unspecified other impact via a crafted MP4 file, because access ...

UBUNTU-CVE-2018-14379

MP4Atom::factory in mp4atom.cpp in MP4v2 2.0.0 incorrectly uses the MP4ItemAtom data type in a certain case where MP4DataAtom is required, which allows remote attackers to cause a denial of service memory corruption or possibly have unspecified other impact via a crafted MP4 file, because access ...

CVE-2018-14379

MP4Atom::factory in mp4atom.cpp in MP4v2 2.0.0 incorrectly uses the MP4ItemAtom data type in a certain case where MP4DataAtom is required, which allows remote attackers to cause a denial of service memory corruption or possibly have unspecified other impact via a crafted MP4 file, because access ...

Type confusion

MP4Atom::factory in mp4atom.cpp in MP4v2 2.0.0 incorrectly uses the MP4ItemAtom data type in a certain case where MP4DataAtom is required, which allows remote attackers to cause a denial of service memory corruption or possibly have unspecified other impact via a crafted MP4 file, because access ...

CVE-2018-14379

CVE-2018-14379 occurs in MP4v2 2.0.0 where MP4Atom::factory uses MP4ItemAtom instead of MP4DataAtom in certain cases, causing type confusion and memory layout mismatches that enable DoS via a crafted MP4 file. Public documentation confirms this vulnerability exists in the libmp4v2 library and rel...

CVE-2018-14379

MP4Atom::factory in mp4atom.cpp in MP4v2 2.0.0 incorrectly uses the MP4ItemAtom data type in a certain case where MP4DataAtom is required, which allows remote attackers to cause a denial of service memory corruption or possibly have unspecified other impact via a crafted MP4 file, because access ...

CVE-2018-14379

Removed by vendor...

CVE-2018-14325

In MP4v2 2.0.0, there is an integer underflow with resultant memory corruption when parsing MP4Atom in mp4atom.cpp...

UBUNTU-CVE-2018-14325

In MP4v2 2.0.0, there is an integer underflow with resultant memory corruption when parsing MP4Atom in mp4atom.cpp...

CVE-2018-14325

In MP4v2 2.0.0, there is an integer underflow with resultant memory corruption when parsing MP4Atom in mp4atom.cpp...

PT-2018-12440 · Mp4V2 · Mp4V2

Name of the Vulnerable Software and Affected Versions: MP4v2 version 2.0.0 Description: The issue arises from an integer underflow that leads to memory corruption when parsing MP4Atom in mp4atom.cpp. Recommendations: For MP4v2 version 2.0.0, at the moment, there is no information about a newer...

CVE-2018-14325

Removed by vendor...

MP4v2 Denial of Service Vulnerability

MP4v2 is an open source library written in C++ for handling MP4 containers. A security vulnerability exists in the MP4Atom class of the mp4atom.cpp file in MP4v2 2.0.0 and earlier versions, which stems from the program's failure to properly handle Entry Number validation. A remote attacker can...

Design/Logic Flaw

The MP4Atom class in mp4atom.cpp in MP4v2 through 2.0.0 mishandles Entry Number validation for the MP4 Table Property, which allows remote attackers to cause a denial of service overflow, insufficient memory allocation, and segmentation fault or possibly have unspecified other impact via a crafte...

UBUNTU-CVE-2018-7339

The MP4Atom class in mp4atom.cpp in MP4v2 through 2.0.0 mishandles Entry Number validation for the MP4 Table Property, which allows remote attackers to cause a denial of service overflow, insufficient memory allocation, and segmentation fault or possibly have unspecified other impact via a crafte...

CVE-2018-7339

The MP4Atom class in mp4atom.cpp in MP4v2 through 2.0.0 mishandles Entry Number validation for the MP4 Table Property, which allows remote attackers to cause a denial of service overflow, insufficient memory allocation, and segmentation fault or possibly have unspecified other impact via a crafte...