CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2018-7339

The MP4Atom class in mp4atom.cpp in MP4v2 through 2.0.0 mishandles Entry Number validation for the MP4 Table Property, which allows remote attackers to cause a denial of service (overflow, insufficient memory allocation, and segmentation fault) or possibly have unspecified other impact via a crafted mp4 file.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 63.6%

CVSS Severity

CVSS v3 Score 8.8

CVSS v2 Score 6.8

References

https://github.com/pingsuewim/libmp4_bof
https://github.com/pingsuewim/libmp4_bof

Products affected by CVE-2018-7339

Mp4v2 Project » Mp4v2 » Version: 1.0

cpe:2.3:a:mp4v2_project:mp4v2:1.0
Mp4v2 Project » Mp4v2 » Version: 1.9.0

cpe:2.3:a:mp4v2_project:mp4v2:1.9.0
Mp4v2 Project » Mp4v2 » Version: 1.9.1

cpe:2.3:a:mp4v2_project:mp4v2:1.9.1
Mp4v2 Project » Mp4v2 » Version: 2.0.0

cpe:2.3:a:mp4v2_project:mp4v2:2.0.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-7339

Products

Pricing

Contact Us