Vulnerabilities > CVE-2018-14448 - NULL Pointer Dereference vulnerability in Untrunc Project Untrunc 20180607

047910
CVSS 4.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
PARTIAL

Summary

Codec::parse in track.cpp in Untrunc through 2018-06-07 has a NULL pointer dereference via a crafted MP4 file because of improper interaction with libav.

Vulnerable Configurations

Part Description Count
Application
Untrunc_Project
1

Common Weakness Enumeration (CWE)