2 matches found
CVE-2021-32272
CVE-2021-32272 affects FAAD2 up to version 2.10.0. A heap-buffer-overflow in function stszin (mp4read.c) can allow a remote attacker to achieve Code Execution . Affected: faad2 before 2.10.0. Root cause: heap-buffer-overflow in mp4read.c. Impact: code execution. Remediation: upgrade to 2.10.0 or ...
CVE-2021-26567
Summary: CVE-2021-26567 is a stack-based buffer overflow in the FAAD2 decoder (frontend/main.c) of faad2 prior to 2.2.7.1. The vulnerability allows a local attacker to execute arbitrary code via crafted filename and pathname options. Affected context is mainly Synology DiskStation Manager (faad2 ...