VYPR
Vendor

Enzo1982

Products
1
CVEs
11
Across products
11
Status
Private

Products

1

Recent CVEs

11
  • CVE-2018-14403CriJul 19, 2018
    risk 0.57cvss 9.8epss 0.03

    MP4NameFirstMatches in mp4util.cpp in MP4v2 2.0.0 mishandles substrings of atom names, leading to use of an inappropriate data type for associated atoms. The resulting type confusion can cause out-of-bounds memory access.

  • CVE-2018-14054CriJul 13, 2018
    risk 0.57cvss 9.8epss 0.03

    A double free exists in the MP4StringProperty class in mp4property.cpp in MP4v2 2.0.0. A dangling pointer is freed again in the destructor once an exception is triggered.

  • CVE-2018-7339HigFeb 23, 2018
    risk 0.57cvss 8.8epss 0.01

    The MP4Atom class in mp4atom.cpp in MP4v2 through 2.0.0 mishandles Entry Number validation for the MP4 Table Property, which allows remote attackers to cause a denial of service (overflow, insufficient memory allocation, and segmentation fault) or possibly have unspecified other…

  • CVE-2018-14446HigJul 20, 2018
    risk 0.50cvss 8.8epss 0.02

    MP4Integer32Property::Read in atom_avcC.cpp in MP4v2 2.1.0 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted MP4 file.

  • CVE-2018-14379HigJul 18, 2018
    risk 0.50cvss 8.8epss 0.02

    MP4Atom::factory in mp4atom.cpp in MP4v2 2.0.0 incorrectly uses the MP4ItemAtom data type in a certain case where MP4DataAtom is required, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted MP4…

  • CVE-2018-14326HigJul 16, 2018
    risk 0.50cvss 8.8epss 0.02

    In MP4v2 2.0.0, there is an integer overflow (with resultant memory corruption) when resizing MP4Array for the ftyp atom in mp4array.h.

  • CVE-2018-14325HigJul 16, 2018
    risk 0.50cvss 8.8epss 0.02

    In MP4v2 2.0.0, there is an integer underflow (with resultant memory corruption) when parsing MP4Atom in mp4atom.cpp.

  • CVE-2018-17236MedSep 20, 2018
    risk 0.42cvss 6.5epss 0.01

    The function MP4Free() in mp4property.cpp in libmp4v2 2.1.0 internally calls free() on a invalid pointer, raising a SIGABRT signal.

  • CVE-2018-17235MedSep 20, 2018
    risk 0.42cvss 6.5epss 0.01

    The function mp4v2::impl::MP4Track::FinishSdtp() in mp4track.cpp in libmp4v2 2.1.0 mishandles compatibleBrand while processing a crafted mp4 file, which leads to a heap-based buffer over-read, causing denial of service.

  • CVE-2023-1451LowMar 17, 2023
    risk 0.21cvss 3.3epss 0.00

    A vulnerability was found in MP4v2 2.1.2. It has been classified as problematic. Affected is the function mp4v2::impl::MP4Track::GetSampleFileOffset of the file mp4track.cpp. The manipulation leads to denial of service. An attack has to be approached locally. The exploit has…

  • CVE-2023-1450LowMar 17, 2023
    risk 0.21cvss 3.3epss 0.00

    A vulnerability was found in MP4v2 2.1.2 and classified as problematic. This issue affects the function DumpTrack of the file mp4trackdump.cpp. The manipulation leads to denial of service. The attack needs to be approached locally. The exploit has been disclosed to the public…