Note:
This project will be discontinued after December 13, 2021. [more]
2018-01-09
Integer underflow in the mov_read_default function in libavformat/mov.c in FFmpeg before 2.4.6 allows remote attackers to obtain sensitive information from heap and/or stack memory via a crafted MP4 file.
Products | Ffmpeg |
Type | Integer Underflow (Wrap or Wraparound) (CWE-191) |
First patch | - None (likely due to unavailable code) |
Links |
• https://bugs.chromium.org/p/chromium/issues/detail?id=444546
• https://github.com/FFmpeg/FFmpeg/blob/n2.4.6/Changelog • http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=3ebd76a9c57558e284e94da367dd23b435e6a6d0 |