Integer signedness error in certain older versions of the NeL library, as used in Mtp-Target 1.2.2 and previous versions, and possibly other products, allows remote malicious users to cause a denial of service (memory consumption or server crash) via a negative value in a STLport call, which is not caught by a signed comparison.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mtp-target mtp-target |