Heap-based Buffer Over-read Vulnerability in mp4v2::impl::MP4Track::FinishSdtp() Function

Heap-based Buffer Over-read Vulnerability in mp4v2::impl::MP4Track::FinishSdtp() Function

CVE-2018-17235 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:N/A:P

The function mp4v2::impl::MP4Track::FinishSdtp() in mp4track.cpp in libmp4v2 2.1.0 mishandles compatibleBrand while processing a crafted mp4 file, which leads to a heap-based buffer over-read, causing denial of service.

Learn more about our Cis Benchmark Audit For Ibm I.