Integer underflow in the Huffman decoding functionality (pvmp3_huffman_parsing.cpp) in OpenCORE 2.0 and previous versions allows remote malicious users to cause a denial of service (process crash) and possibly execute arbitrary code via a crafted MP3 file that triggers heap corruption.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
android opencore 2.0 |