Mp4v2 Security Vulnerabilities and Issues — Mp4v2 CVE List

Lucene search

TechsmithMp4v2

6 matches found

CVE•added 2018/07/13 5:29 p.m.•57 views

CVE-2018-14054

A double free exists in the MP4StringProperty class in mp4property.cpp in MP4v2 2.0.0. A dangling pointer is freed again in the destructor once an exception is triggered.

9.8CVSS9.2AI score0.00576EPSS

CVE•added 2018/07/19 5:29 a.m.•46 views

CVE-2018-14403

MP4NameFirstMatches in mp4util.cpp in MP4v2 2.0.0 mishandles substrings of atom names, leading to use of an inappropriate data type for associated atoms. The resulting type confusion can cause out-of-bounds memory access.

9.8CVSS9.2AI score0.00576EPSS

CVE•added 2018/07/16 6:29 p.m.•37 views

CVE-2018-14325

In MP4v2 2.0.0, there is an integer underflow (with resultant memory corruption) when parsing MP4Atom in mp4atom.cpp.

8.8CVSS9AI score0.00586EPSS

CVE•added 2018/07/18 5:29 a.m.•34 views

CVE-2018-14379

MP4Atom::factory in mp4atom.cpp in MP4v2 2.0.0 incorrectly uses the MP4ItemAtom data type in a certain case where MP4DataAtom is required, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted MP4 file, because access ...

8.8CVSS9.3AI score0.00575EPSS

CVE•added 2018/07/20 1:29 p.m.•34 views

CVE-2018-14446

MP4Integer32Property::Read in atom_avcC.cpp in MP4v2 2.1.0 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted MP4 file.

8.8CVSS9.4AI score0.00877EPSS

CVE•added 2018/07/16 6:29 p.m.•31 views

CVE-2018-14326

In MP4v2 2.0.0, there is an integer overflow (with resultant memory corruption) when resizing MP4Array for the ftyp atom in mp4array.h.

8.8CVSS9.1AI score0.00454EPSS