cvedb.io
CVE-2018-14403
CRITICAL · CVSS 9.8
EPSS exploitation probability: 0%
Published 2018-07-19T05:29:00.477 · Last modified 2026-06-17T01:40:56.907

Summary

MP4NameFirstMatches in mp4util.cpp in MP4v2 2.0.0 mishandles substrings of atom names, leading to use of an inappropriate data type for associated atoms. The resulting type confusion can cause out-of-bounds memory access.

Affected products

techsmith — mp4v2

Does this affect you?

Add your gear to cvedb and we'll alert you only when techsmith ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.