11 matches found
CVE-2017-9218
CVE-2017-9218 affects Freeware Advanced Audio Decoder 2 (FAAD2) 2.7. The vulnerable component is mp4ff_read_stsd in common/mp4ff/mp4atom.c, where crafted MP4 files can trigger an invalid memory read leading to an application crash (denial of service). Connected sources corroborate the same descri...
CVE-2017-9223
CVE-2017-9223 affects Freeware Advanced Audio Decoder 2 (FAAD2) v2.7. The mp4ff_read_stts function in common/mp4ff/mp4atom.c can be exploited by a crafted MP4 file to cause a denial of service via an invalid memory read and application crash. Multiple sources confirm the issue in FAAD2 2.7. Debia...
CVE-2017-9254
CVE-2017-9254 is confirmed in FAAD2 version 2.7, where the function mp4ff_read_stts in common/mp4ff/mp4atom.c can be exploited by a crafted MP4 file to cause a denial of service (large loop and high CPU usage). The connected documents (OSV/ CNVD/NVD references) provide identical descriptions of t...
CVE-2017-9220
CVE-2017-9220 affects FAAD2 2.x; the mp4ff_read_stco function in common/mp4ff/mp4atom.c can be triggered by a crafted MP4 to cause a memory allocation error and denial of service. Connected sources confirm this is a remote-denial condition via crafted files in FAAD2 2.7. Debian advisory confirms ...
CVE-2017-9221
CVE-2017-9221 affects Freeware Advanced Audio Decoder 2 (FAAD2) v2.7. The mp4ff_read_mdhd function in common/mp4ff/mp4atom.c is exploitable via a crafted MP4 file to cause a denial of service through an invalid memory read and application crash. Public disclosures and multiple CVE trackers corrob...
CVE-2017-9255
The vulnerability CVE-2017-9255 affects Freeware Advanced Audio Decoder 2 (FAAD2) version 2.7. The mp4ff_read_stsc function in common/mp4ff/mp4atom.c is vulnerable to crafted MP4 files, allowing remote attackers to trigger a denial of service via a large loop and high CPU usage. The connected OSV...
CVE-2017-9257
Summary (CVE-2017-9257): The vulnerability affects FAAD2 2.7, where the function mp4ff_read_ctts in common/mp4ff/mp4atom.c can be abused by a crafted MP4 file to trigger a denial of service through a large loop/CPU consumption. The issue is documented across multiple feeds; Debian’s DLA-1077-1 no...
CVE-2017-9219
CVE-2017-9219 affects FAAD2 (Freeware Advanced Audio Decoder) 2.7. The vulnerability is in the mp4ff_read_stsc function (common/mp4ff/mp4atom.c) and allows remote attackers to trigger a denial-of-service through a crafted MP4 file, causing a memory allocation failure and application crash. Impact...
CVE-2017-9222
Affected software: Freeware Advanced Audio Decoder 2 (FAAD2) version 2.7. The vulnerability is in the mp4ff_parse_tag function (common/mp4ff/mp4meta.c) and can be triggered by a crafted MP4 file. Root cause: parsing a crafted file can cause an infinite loop, leading to CPU consumption and denial ...
CVE-2017-9253
CVE-2017-9253 affects Freeware Advanced Audio Decoder 2 (FAAD2) 2.7. The vulnerability is in the mp4ff_read_stsd function (common/mp4ff/mp4atom.c) and can be exploited remotely to cause a denial of service via a crafted MP4 file (large loop/CPU consumption). Debian and OSV entries corroborate the...
CVE-2017-9256
CVE-2017-9256 affects FAAD2 2.7, where the mp4ff_read_stco function in common/mp4ff/mp4atom.c can be triggered by a crafted MP4 file to cause a denial of service (large loop and high CPU usage). Public references confirm the issue in FAAD2 2.7 and map to multiple CVE entries. Debian’s DLA-1077-1 ...