本頁列出影響 techsmith mp4v2 的已公開 CVE 漏洞(透過 NVD CPE 關聯)。每列包含嚴重程度評分、摘要與發布日期,便於識別與分析安全議題。
| CVE | 摘要 | 來源 | 最高 CVSS | EPSS % | 公開時間 | 更新時間 |
|---|---|---|---|---|---|---|
| CVE-2018-14446 | MP4Integer32Property::Read in atom_avcC.cpp in MP4v2 2.1.0 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted MP4 file. | [email protected] | 8.8 | 2.38% | 2018-07-20 | 2026-06-17 |
| CVE-2018-14403 | MP4NameFirstMatches in mp4util.cpp in MP4v2 2.0.0 mishandles substrings of atom names, leading to use of an inappropriate data type for associated atoms. The resulting type confusion can cause out-of-bounds memory access. | [email protected] | 9.8 | 2.60% | 2018-07-19 | 2026-06-17 |
| CVE-2018-14379 | MP4Atom::factory in mp4atom.cpp in MP4v2 2.0.0 incorrectly uses the MP4ItemAtom data type in a certain case where MP4DataAtom is required, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted MP4 file, because access to the data structure has different expectations about layout as a result of this type confusion. | [email protected] | 8.8 | 2.18% | 2018-07-18 | 2026-06-17 |
| CVE-2018-14326 | In MP4v2 2.0.0, there is an integer overflow (with resultant memory corruption) when resizing MP4Array for the ftyp atom in mp4array.h. | [email protected] | 8.8 | 1.87% | 2018-07-16 | 2026-06-17 |
| CVE-2018-14325 | In MP4v2 2.0.0, there is an integer underflow (with resultant memory corruption) when parsing MP4Atom in mp4atom.cpp. | [email protected] | 8.8 | 1.98% | 2018-07-16 | 2026-06-17 |
| CVE-2018-14054 | A double free exists in the MP4StringProperty class in mp4property.cpp in MP4v2 2.0.0. A dangling pointer is freed again in the destructor once an exception is triggered. | [email protected] | 9.8 | 2.60% | 2018-07-13 | 2026-06-17 |