Shodan
Vulnerabilities
Vulnerable Software
Audiocoding:  >> Freeware Advanced Audio Decoder 2  >> 2.7  Security Vulnerabilities
CVE-2019-6956
An issue was discovered in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. It is a buffer over-read in ps_mix_phase in libfaad/ps_dec.c.
CVSS Score
7.1
EPSS Score
0.004
Published
2019-01-25
CVE-2018-20360
An invalid memory address dereference was discovered in the sbr_process_channel function of libfaad/sbr_dec.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. The vulnerability causes a segmentation fault and application crash, which leads to denial of service.
CVSS Score
5.5
EPSS Score
0.005
Published
2018-12-22
CVE-2018-20199
A NULL pointer dereference was discovered in ifilter_bank of libfaad/filtbank.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. The vulnerability causes a segmentation fault and application crash, which leads to denial of service because adding to windowed output is mishandled in the ONLY_LONG_SEQUENCE case.
CVSS Score
5.5
EPSS Score
0.005
Published
2018-12-18
CVE-2017-9218
The mp4ff_read_stsd function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted mp4 file.
CVSS Score
5.5
EPSS Score
0.002
Published
2017-06-27
CVE-2017-9219
The mp4ff_read_stsc function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (memory allocation error and application crash) via a crafted mp4 file.
CVSS Score
5.5
EPSS Score
0.002
Published
2017-06-27
CVE-2017-9220
The mp4ff_read_stco function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (memory allocation error) via a crafted mp4 file.
CVSS Score
5.5
EPSS Score
0.002
Published
2017-06-27
CVE-2017-9221
The mp4ff_read_mdhd function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted mp4 file.
CVSS Score
5.5
EPSS Score
0.002
Published
2017-06-27
CVE-2017-9222
The mp4ff_parse_tag function in common/mp4ff/mp4meta.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted mp4 file.
CVSS Score
5.5
EPSS Score
0.003
Published
2017-06-27
CVE-2017-9223
The mp4ff_read_stts function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted mp4 file.
CVSS Score
5.5
EPSS Score
0.002
Published
2017-06-27
CVE-2017-9253
The mp4ff_read_stsd function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (large loop and CPU consumption) via a crafted mp4 file.
CVSS Score
5.5
EPSS Score
0.003
Published
2017-06-27


Products
Pricing
Contact Us

Shodan ® - All rights reserved