Note:
This project will be discontinued after December 13, 2021. [more]
2018-07-16
In MP4v2 2.0.0, there is an integer underflow (with resultant memory corruption) when parsing MP4Atom in mp4atom.cpp.
Products | Mp4v2 |
Type | Integer Underflow (Wrap or Wraparound) (CWE-191) |
First patch | - None (likely due to unavailable code) |
Links |
• http://www.openwall.com/lists/oss-security/2018/07/16/1
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GISUIWPKBWPXORUFNWBGFTKQS7UUVUC4/ • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FRSO2IMK6P7MOIZWGWKONPIEHKBA7WL3/ • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6YCHVOYPIBGM5HYUMQ77KZH2IHSITKVE/ • https://github.com/enzo1982/mp4v2/releases/tag/v2.1.0 |