Freeware Advanced Audio mp4ff_read_stsd Denial of Service Vulnerability

Freeware Advanced Audio Decoder is advanced audio encoder. Freeware Advanced Audio Decoder 2 FAAD2 version 2.7, a security vulnerability exists in the common/mp4ff/mp4atom.c/mp4ffreadstsd function, which can be exploited by remote attackers to cause a denial of service vulnerability via a...

Freeware Advanced Audio mp4ff_read_stsd Denial of Service Vulnerability

Freeware Advanced Audio Decoder is advanced audio encoder. Freeware Advanced Audio Decoder 2 FAAD2 version 2.7, a security vulnerability exists in the common/mp4ff/mp4atom.c/mp4ffreadstsd function, which can be exploited by remote attackers to cause a denial of service vulnerability via a...

DEBIAN-CVE-2017-9256

The mp4ffreadstco function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 FAAD2 2.7 allows remote attackers to cause a denial of service large loop and CPU consumption via a crafted mp4 file...

DEBIAN-CVE-2017-9222

The mp4ffparsetag function in common/mp4ff/mp4meta.c in Freeware Advanced Audio Decoder 2 FAAD2 2.7 allows remote attackers to cause a denial of service infinite loop and CPU consumption via a crafted mp4 file...

UBUNTU-CVE-2017-9254

The mp4ffreadstts function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 FAAD2 2.7 allows remote attackers to cause a denial of service large loop and CPU consumption via a crafted mp4 file...

UBUNTU-CVE-2017-9222

The mp4ffparsetag function in common/mp4ff/mp4meta.c in Freeware Advanced Audio Decoder 2 FAAD2 2.7 allows remote attackers to cause a denial of service infinite loop and CPU consumption via a crafted mp4 file...

CVE-2017-9218

CVE-2017-9218 affects Freeware Advanced Audio Decoder 2 (FAAD2) 2.7. The vulnerable component is mp4ff_read_stsd in common/mp4ff/mp4atom.c, where crafted MP4 files can trigger an invalid memory read leading to an application crash (denial of service). Connected sources corroborate the same descri...

CVE-2017-9256

The mp4ffreadstco function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 FAAD2 2.7 allows remote attackers to cause a denial of service large loop and CPU consumption via a crafted mp4 file...

PT-2017-3906 · Faad2 Team +1 · Faad2 +1

Name of the Vulnerable Software and Affected Versions: FAAD2 version 2.7 Description: The issue is related to the mp4ff read stsd function, which can be exploited by remote attackers to cause a denial of service. This is achieved through a crafted mp4 file, leading to a large loop and significant...

PT-2017-3905 · Faad2 +1 · Faad2 +1

Name of the Vulnerable Software and Affected Versions: FAAD2 version 2.7 Description: The issue is related to the mp4ff parse tag function, which can lead to a denial of service due to an infinite loop and CPU consumption when processing a crafted mp4 file. This allows remote attackers to exploit...