CVE-2018-14545

Published July 23rd, 2018

View on NVD ↗

CVSS v3

N/A

CVSS v2

4.3

MEDIUM

Affected

PROJECT

Description

There exists one invalid memory read bug in AP4_SampleDescription::GetType() in Ap4SampleDescription.h in Bento4 1.5.1-624, which can allow attackers to cause a denial-of-service via a crafted mp4 file. This vulnerability can be triggered by the executable mp42ts.

axiomatic-systems/Bento4

Full-featured MP4 format, MPEG DASH, HLS, CMAF SDK and tools

GitHub

2.45K