ID CVE-2018-14403
Summary MP4NameFirstMatches in mp4util.cpp in MP4v2 2.0.0 mishandles substrings of atom names, leading to use of an inappropriate data type for associated atoms. The resulting type confusion can cause out-of-bounds memory access.
References
Vulnerable Configurations
  • cpe:2.3:a:techsmith:mp4v2:2.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:techsmith:mp4v2:2.0.0:*:*:*:*:*:*:*
CVSS
Base: 7.5 (as of 11-04-2023 - 14:15)
Impact:
Exploitability:
CWE CWE-704
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:P/A:P
refmap via4
fedora
  • FEDORA-2019-1030f4816a
  • FEDORA-2019-6469ad8129
  • FEDORA-2019-d53d4a79ac
misc http://www.openwall.com/lists/oss-security/2018/07/18/3
Last major update 11-04-2023 - 14:15
Published 19-07-2018 - 05:29
Last modified 11-04-2023 - 14:15
Back to Top