A flaw was found in MP4v2 through 2.0.0. The MP4Atom class in mp4atom.cpp in mishandles Entry Number validation for the MP4 Table Property, which allows remote attackers to cause a denial of service (overflow, insufficient memory allocation, and segmentation fault) or possibly have unspecified other impact via a crafted mp4 file. References: https://github.com/pingsuewim/libmp4_bof
Created libmp4v2 tracking bugs for this issue: Affects: fedora-all [bug 1558631] Affects: epel-all [bug 1558632]
This CVE Bugzilla entry is for community support informational purposes only as it does not affect a package in a commercially supported Red Hat product. Refer to the dependent bugs for status of those individual community products.