The MergeTrack function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 11 | all | ccextractor | <= 0.88+ds1-1 | ccextractor_0.88+ds1-1_all.deb |
Debian | 10 | all | ccextractor | <= 0.87+ds1-1 | ccextractor_0.87+ds1-1_all.deb |
Debian | 999 | all | ccextractor | < 0.93+ds2-1 | ccextractor_0.93+ds2-1_all.deb |
Debian | 11 | all | gpac | < 1.0.1+dfsg1-4 | gpac_1.0.1+dfsg1-4_all.deb |
Debian | 10 | all | gpac | <= 0.5.2-426-gc5ad4e4+dfsg5-5 | gpac_0.5.2-426-gc5ad4e4+dfsg5-5_all.deb |
Debian | 999 | all | gpac | < 1.0.1+dfsg1-4 | gpac_1.0.1+dfsg1-4_all.deb |