2 matches found
Out-of-bounds Write
Overview Affected versions of this package are vulnerable to Out-of-bounds Write in the resolvecontentpath process. An attacker can cause a write operation to occur one byte past the end of a heap-allocated buffer by crafting a specially designed MPEG-DASH manifest that triggers the appending of ...
CVE-2025-59728 Heap-buffer-overflow write in FFmpeg MDASH resolve_content_path
When calculating the content path in handling of MPEG-DASH manifests, there's an out-of-bounds NUL-byte write one byte past the end of the buffer.When we call xmlNodeGetContent below 0, it returns a buffer precisely allocated to match the string length, using strdup internally. If this buffer is...