The function mp4v2::impl::MP4Track::FinishSdtp() in mp4track.cpp in libmp4v2 2.1.0 mishandles compatibleBrand while processing a crafted mp4 file, which leads to a heap-based buffer over-read, causing denial of service.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mp4v2 project mp4v2 2.1.0 |