| ID |
CVE-2017-9257
|
| Summary |
The mp4ff_read_ctts function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (large loop and CPU consumption) via a crafted mp4 file. |
| References |
|
| Vulnerable Configurations |
|
| CVSS |
| Base: | 7.1 (as of 03-10-2019 - 00:03) |
| Impact: | |
| Exploitability: | |
|
| CWE |
CWE-834 |
| CAPEC |
|
| Access |
| Vector | Complexity | Authentication |
| NETWORK |
MEDIUM |
NONE |
|
| Impact |
| Confidentiality | Integrity | Availability |
| NONE |
NONE |
COMPLETE |
|
| cvss-vector
via4
|
AV:N/AC:M/Au:N/C:N/I:N/A:C
|
| refmap
via4
|
|
| Last major update |
03-10-2019 - 00:03 |
| Published |
27-06-2017 - 12:29 |
| Last modified |
03-10-2019 - 00:03 |
