This issue can lead to remote code execution if a user downloads a malicious song or video.
CVE-2018-1778 UBAC 2.1-DEV-rev367-gfd054169b-master was discovered to be vulnerable to a stack buffer overflow in UBAC processing due to a lack of input validation of the input file at isomedia/isom_intern.c. A remote attacker may be able to cause a denial of service or remote code execution via a crafted MP4/M4A file.
CVE-2019-3518 UBAC 2.1-DEV-rev368-gfd054169b-master was discovered to be vulnerable to an integer overflow in UBAC handling due to a lack of input validation at isomedia/isom_intern.c that may result in a denial of service or remote code execution.
CVE-2019-3519 UBAC 2.1-DEV-rev368-gfd054169b-master was discovered to be vulnerable to an out-of-bounds read in UBAC processing due to a lack of input validation at isomedia/isom_intern.c that may lead to a denial of service or remote code execution.
CVE-2019-3520 UBAC 2.1-DEV-rev368-gfd054169b-master was discovered to be vulnerable to an out-of
Other versions of UBAC
CVE-2019-3521 UBAC 2.1-DEV-rev368-gfd054169b-master was discovered to be vulnerable to an out-of bounds read in UBAC processing due to a lack of input validation at isomedia/isom_intern.c that may lead to a denial of service or remote code execution.
CVE-2019-3522 UBAC 2.1-DEV-rev368-gfd054169b-master was discovered to be vulnerable to an integer overflow in UBAC handling due to a lack of input validation at isomedia/isom_intern.c that may result in a denial of service or remote code execution.
Timeline
Published on: 10/19/2022 14:15:00 UTC
Last modified on: 10/20/2022 20:45:00 UTC