New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Heap-buffer-overflow mp4v2/src/mp4.cpp:519:33 in MP4GetVideoProfileLevel #30
Comments
|
Fixed in commit e7177cc. Thank you for reporting this! |
|
hello can i get a cve id? |
|
I'd actually prefer if you request a CVE ID from a CNA yourself. MP4v2 issues have been assigned CVE IDs by MITRE and VulDB in the past. Please request only one CVE ID for both POCs you submitted as it is essentially only a single issue. When a CVE ID is assigned, it will be mentioned in the release notes of the next update. |
|
OK,thank you |
|
MP4v2 v2.1.3 is now released with the fix for this issue. |
Heap-buffer-overflow mp4v2/src/mp4.cpp:519:33 in MP4GetVideoProfileLevel
project address
https://github.com/enzo1982/mp4v2
info
OS:Ubuntu20.04 TLS
Build: cmake . && make
mp4info - MP4v2 2.1.2
Poc
https://github.com/z1r00/fuzz_vuln/blob/main/mp4v2/heap-buffer-overflow/MP4GetVideoProfileLevel/id:000000%2Csig:06%2Csrc:000758%2Ctime:1159607%2Cexecs:323115%2Cop:havoc%2Crep:8
ASAN Info
Reference
https://github.com/z1r00/fuzz_vuln/blob/main/mp4v2/heap-buffer-overflow/MP4GetVideoProfileLevel/readme.md
The text was updated successfully, but these errors were encountered: