Multiple heap-based buffer overflows in Libextractor 0.5.13 and earlier allow remote attackers to execute arbitrary code via (1) the asf_read_header function in the ASF plugin (plugins/asfextractor.c), and (2) the parse_trak_atom function in the QT plugin (plugins/qtextractor.c).
Name | Vendor | Start Version | End Version |
---|---|---|---|
Libextractor | Libextractor | 0.5.13 (including) | 0.5.13 (including) |