CVE-2017-14181

Name of the Vulnerable Software and Affected Versions mp4tools aacplusenc version 0.17.5

Description The issue allows remote attackers to cause a denial of service, resulting in an invalid memory write, a SEGV on an unknown address, and an application crash, or possibly have other unspecified impacts via a crafted .wav file. This is due to a NULL pointer dereference.

Recommendations For version 0.17.5, consider updating to a newer version that contains a fix for this issue, as using a crafted .wav file can lead to a denial of service or other unspecified impacts. At the moment, there is no information about a newer version that contains a fix for this vulnerability.