CVE-2017-16868

Posted on by admin

CVE-2017-16868

In SWFTools 0.9.2, the wav_convert2mono function in lib/wav.c does not properly restrict a multiplication within a malloc call, which allows remote attackers to cause a denial of service (integer overflow and NULL pointer dereference) via a crafted WAV file.

Source: CVE-2017-16868

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다