CVE-2018-14446

Name of the Vulnerable Software and Affected Versions MP4v2 version 2.1.0

Description The issue allows remote attackers to cause a denial of service, which may lead to a heap-based buffer overflow and application crash, or possibly have other unspecified impacts. This can be achieved via a crafted MP4 file.

Recommendations For MP4v2 version 2.1.0, update to a version that fixes the MP4Integer32Property::Read function in atom avcC.cpp to prevent the heap-based buffer overflow. At the moment, there is no information about a newer version that contains a fix for this vulnerability.