Heap-based Buffer Over-read Vulnerability in mp4v2::impl::MP4Track::FinishSdtp() Function
CVE-2018-17235 · MEDIUM Severity
AV:N/AC:M/AU:N/C:N/I:N/A:P
The function mp4v2::impl::MP4Track::FinishSdtp() in mp4track.cpp in libmp4v2 2.1.0 mishandles compatibleBrand while processing a crafted mp4 file, which leads to a heap-based buffer over-read, causing denial of service.
Learn more about our Cis Benchmark Audit For Ibm I.