There is a stack-based buffer overflow in the third instance of the calculate_gain function in libfaad/sbr_hfadj.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. A crafted input will lead to a denial of service or possibly unspecified other impact because the S_M array is mishandled.
Max CVSS
7.8
EPSS Score
0.25%
Published
2018-12-18
Updated
2022-04-22
A NULL pointer dereference was discovered in ifilter_bank of libfaad/filtbank.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. The vulnerability causes a segmentation fault and application crash, which leads to denial of service because adding to windowed output is mishandled in the ONLY_LONG_SEQUENCE case.
Max CVSS
5.5
EPSS Score
0.10%
Published
2018-12-18
Updated
2022-04-22
An invalid memory address dereference was discovered in the sbr_process_channel function of libfaad/sbr_dec.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. The vulnerability causes a segmentation fault and application crash, which leads to denial of service.
Max CVSS
5.5
EPSS Score
0.10%
Published
2018-12-22
Updated
2022-04-22
An issue was discovered in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. It is a buffer over-read in ps_mix_phase in libfaad/ps_dec.c.
Max CVSS
7.1
EPSS Score
0.12%
Published
2019-01-25
Updated
2022-04-22
An issue was discovered in faad2 before 2.10.0. A heap-buffer-overflow exists in the function stszin located in mp4read.c. It allows an attacker to cause Code Execution.
Max CVSS
7.8
EPSS Score
0.18%
Published
2021-09-20
Updated
2022-04-22
An issue was discovered in faad2 through 2.10.0. A stack-buffer-overflow exists in the function ftypin located in mp4read.c. It allows an attacker to cause Code Execution.
Max CVSS
7.8
EPSS Score
0.08%
Published
2021-09-20
Updated
2022-04-22
An issue was discovered in faad2 through 2.10.0. A heap-buffer-overflow exists in the function sbr_qmf_synthesis_64 located in sbr_qmf.c. It allows an attacker to cause code Execution.
Max CVSS
7.8
EPSS Score
0.14%
Published
2021-09-20
Updated
2022-04-22
An issue was discovered in faad2 through 2.10.0. A NULL pointer dereference exists in the function get_sample() located in output.c. It allows an attacker to cause Denial of Service.
Max CVSS
5.5
EPSS Score
0.08%
Published
2021-09-20
Updated
2022-04-22
An issue was discovered in faad2 through 2.10.0. A heap-buffer-overflow exists in the function sbr_qmf_analysis_32 located in sbr_qmf.c. It allows an attacker to cause code Execution.
Max CVSS
7.8
EPSS Score
0.14%
Published
2021-09-20
Updated
2022-04-22
An issue was discovered in faad2 through 2.10.0. A heap-buffer-overflow exists in the function lt_prediction located in lt_predict.c. It allows an attacker to cause code Execution.
Max CVSS
7.8
EPSS Score
0.14%
Published
2021-09-20
Updated
2022-04-22
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!