UBUNTU-CVE-2019-8378

An issue was discovered in Bento4 1.5.1-628. A heap-based buffer over-read exists in AP4BitStream::ReadBytes in Codecs/Ap4BitStream.cpp, a similar issue to CVE-2017-14645. It can be triggered by sending a crafted file to the aac2mp4 binary. It allows an attacker to cause a Denial of Service...

CVE-2019-8378

An issue was discovered in Bento4 1.5.1-628. A heap-based buffer over-read exists in AP4BitStream::ReadBytes in Codecs/Ap4BitStream.cpp, a similar issue to CVE-2017-14645. It can be triggered by sending a crafted file to the aac2mp4 binary. It allows an attacker to cause a Denial of Service...

CVE-2019-8378

The CVE-2019-8378 entry covers Bento4 1.5.1-628 with a heap-based buffer over-read in AP4_BitStream::ReadBytes() (Codecs/Ap4BitStream.cpp). A crafted file sent to the aac2mp4 binary can trigger a Segmentation fault, causing a Denial of Service, with possible unspecified other impact. Connected re...

UBUNTU-CVE-2019-7582

The readBytes function in util/read.c in libming through 0.4.8 allows remote attackers to have unspecified impact via a crafted swf file that triggers a memory allocation failure...

CVE-2019-7582

The readBytes function in util/read.c in libming through 0.4.8 allows remote attackers to have unspecified impact via a crafted swf file that triggers a memory allocation failure...

CVE-2019-7582

The readBytes function in util/read.c in libming through 0.4.8 allows remote attackers to have unspecified impact via a crafted swf file that triggers a memory allocation failure...

Design/Logic Flaw

The readBytes function in util/read.c in libming through 0.4.8 allows remote attackers to have unspecified impact via a crafted swf file that triggers a memory allocation failure...

CVE-2019-7582

The readBytes function in util/read.c in libming through 0.4.8 allows remote attackers to have unspecified impact via a crafted swf file that triggers a memory allocation failure...

CVE-2019-7582

The readBytes function in util/read.c in libming through 0.4.8 allows remote attackers to have unspecified impact via a crafted swf file that triggers a memory allocation failure...

CVE-2019-7582

The CVE-2019-7582 issue affects the libming project (libming 0.4.8 and earlier), specifically the readBytes function in util/read.c. A crafted SWF file can trigger a memory allocation failure, with impact described as unspecified in the provided sources. The publicly available documents do not sp...

Google Android integer overflow vulnerability (CNVD-2019-01769)

Android is a free and open source Linux-based operating system led and developed by Google Inc. and the Open Handset Alliance. An integer overflow vulnerability exists in readBytes in xltdecwbxml.c in Google Android. An attacker can exploit this vulnerability to cause an out-of-bounds read, which...

CVE-2018-9565

In readBytes of xltdecwbxml.c, there is a possible out of bounds read due to an integer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-9. Android ID:...

libming denial of service vulnerability (CNVD-2018-12759)

libming is a Flash SWF output library written in C for use in systems developed in PHP, Perl, etc. It can be used to output Flash SWF files to the system. A security vulnerability exists in the 'readBytes' function of the util/read.c file in libming version 0.4.8, which originates from a program...

Design/Logic Flaw

In libming 0.4.8, there is an excessive memory allocation attempt in the readBytes function of the util/read.c file, related to parseSWFDEFINEBITSJPEG2. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted swf file...

CVE-2018-13251

In libming 0.4.8, there is an excessive memory allocation attempt in the readBytes function of the util/read.c file, related to parseSWFDEFINEBITSJPEG2. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted swf file...

Bento4 'AP4_BitStream::ReadBytes' Heap Buffer Overflow Vulnerability

Bento4 is an open source C++ library for reading and writing MP4 files. A security vulnerability exists in AP4BitStream::ReadBytes in the Codecs/Ap4BitStream.cpp file in Bento4 version 1.5.0-617. A remote attacker can exploit this vulnerability to cause a denial of service heap buffer out-of-boun...

UBUNTU-CVE-2017-14645

A heap-based buffer over-read was discovered in AP4BitStream::ReadBytes in Codecs/Ap4BitStream.cpp in Bento4 version 1.5.0-617. The vulnerability causes an application crash, which leads to remote denial of service...

CVE-2017-14645

CVE-2017-14645 affects Bento4; concrete details exist across sources. A heap-based buffer over-read in AP4_BitStream::ReadBytes() within Codecs/Ap4BitStream.cpp is reported, affecting Bento4 versions 1.5.0-617 and 1.5.1-628. The vulnerability can crash the application, leading to remote denial of...

libreoffice: Crash in HStream::readBytes

Project: git://anongit.freedesktop.org/libreoffice/core Detailed report: https://oss-fuzz.com/testcase?key=4509432228610048 Project: libreoffice Fuzzer: libFuzzerlibreofficehwpfuzzer Fuzz target binary: hwpfuzzer Job Type: libfuzzerasanlibreoffice Platform Id: linux Crash Type: UNKNOWN READ Crash...