Audiocoding » Freeware Advanced Audio Decoder 2 » 2.7 : Security Vulnerabilities, CVEs,
An issue was discovered in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. It is a buffer over-read in ps_mix_phase in libfaad/ps_dec.c.
Max CVSS
7.1
EPSS Score
0.12%
Published
2019-01-25
Updated
2022-04-22
An invalid memory address dereference was discovered in the sbr_process_channel function of libfaad/sbr_dec.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. The vulnerability causes a segmentation fault and application crash, which leads to denial of service.
Max CVSS
5.5
EPSS Score
0.10%
Published
2018-12-22
Updated
2022-04-22
A NULL pointer dereference was discovered in ifilter_bank of libfaad/filtbank.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. The vulnerability causes a segmentation fault and application crash, which leads to denial of service because adding to windowed output is mishandled in the ONLY_LONG_SEQUENCE case.
Max CVSS
5.5
EPSS Score
0.10%
Published
2018-12-18
Updated
2022-04-22
The mp4ff_read_ctts function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (large loop and CPU consumption) via a crafted mp4 file.
Max CVSS
7.1
EPSS Score
0.17%
Published
2017-06-27
Updated
2019-10-03
The mp4ff_read_stco function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (large loop and CPU consumption) via a crafted mp4 file.
Max CVSS
7.1
EPSS Score
0.17%
Published
2017-06-27
Updated
2019-10-03
The mp4ff_read_stsc function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (large loop and CPU consumption) via a crafted mp4 file.
Max CVSS
7.1
EPSS Score
0.17%
Published
2017-06-27
Updated
2019-10-03
The mp4ff_read_stts function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (large loop and CPU consumption) via a crafted mp4 file.
Max CVSS
7.1
EPSS Score
0.17%
Published
2017-06-27
Updated
2019-10-03
The mp4ff_read_stsd function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (large loop and CPU consumption) via a crafted mp4 file.
Max CVSS
7.1
EPSS Score
0.17%
Published
2017-06-27
Updated
2019-10-03
The mp4ff_read_stts function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted mp4 file.
Max CVSS
5.5
EPSS Score
0.17%
Published
2017-06-27
Updated
2017-06-30
The mp4ff_parse_tag function in common/mp4ff/mp4meta.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted mp4 file.
Max CVSS
7.1
EPSS Score
0.10%
Published
2017-06-27
Updated
2019-10-03
The mp4ff_read_mdhd function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted mp4 file.
Max CVSS
5.5
EPSS Score
0.17%
Published
2017-06-27
Updated
2017-06-30
The mp4ff_read_stco function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (memory allocation error) via a crafted mp4 file.
Max CVSS
5.5
EPSS Score
0.17%
Published
2017-06-27
Updated
2017-06-30
The mp4ff_read_stsc function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (memory allocation error and application crash) via a crafted mp4 file.
Max CVSS
5.5
EPSS Score
0.17%
Published
2017-06-27
Updated
2017-06-30
The mp4ff_read_stsd function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted mp4 file.
Max CVSS
5.5
EPSS Score
0.17%
Published
2017-06-27
Updated
2017-06-30
14 vulnerabilities found