CVE Vulnerabilities

CVE-2018-14325

Integer Underflow (Wrap or Wraparound)

Published: Jul 16, 2018 | Modified: Nov 07, 2023
CVSS 3.x
8.8
HIGH
Source:
NVD
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVSS 2.x
6.8 MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

In MP4v2 2.0.0, there is an integer underflow (with resultant memory corruption) when parsing MP4Atom in mp4atom.cpp.

Weakness

The product subtracts one value from another, such that the result is less than the minimum allowable integer value, which produces a value that is not equal to the correct result.

Affected Software

Name Vendor Start Version End Version
Mp4v2 Techsmith 2.0.0 2.0.0

References