NULL Pointer Dereference Vulnerability in DeleteBitBuffer Function in mp4tools aacplusenc 0.17.5

CVE-2017-14181 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

DeleteBitBuffer in libbitbuf/bitbuffer.c in mp4tools aacplusenc 0.17.5 allows remote attackers to cause a denial of service (invalid memory write, SEGV on unknown address 0x000000000030, and application crash) or possibly have unspecified other impact via a crafted .wav file, aka a NULL pointer dereference.

Learn more about our Web Application Penetration Testing UK.