Multiple heap-based buffer overflows in Libextractor 0.5.13 and earlier allow remote attackers to execute arbitrary code via (1) the asf_read_header function in the ASF plugin (plugins/asfextractor.c), and (2) the parse_trak_atom function in the QT plugin (plugins/qtextractor.c).
| Package (Ecosystem) | Introduced | Fixed | Limit |
|---|---|---|---|
| extractor(PyPI) | N/A | N/A | N/A |
CVSS Metrics
