Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
CCExtractor mp4.c processmp4 use after free
Vulnerability Description
A vulnerability was detected in CCExtractor up to 0.96.5. Affected is the function processmp4 in the library src/lib_ccx/mp4.c. Performing a manipulation results in use after free. The attack is only possible with local access. The exploit is now public and may be used. Upgrading to version 0.96.6 is able to address this issue. The patch is named fd7271bae238ccb3ae8a71304ea64f0886324925. You should upgrade the affected component.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
Vulnerability Type
释放后使用
Vulnerability Title
CCExtractor 资源管理错误漏洞
Vulnerability Description
CCExtractor是CCExtractor Development开源的一个解压软件。 CCExtractor 0.96.5及之前版本存在资源管理错误漏洞,该漏洞源于函数processmp4存在释放后重用。
CVSS Information
N/A
Vulnerability Type
N/A