CVE-2017-14258

2017-09-1109:29:00

Google

osv.dev

7.6 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

43.3%

JSON

In the SDK in Bento4 1.5.0-616, SetItemCount in Core/Ap4StscAtom.h file contains a Write Memory Access Violation vulnerability. It is possible to exploit this vulnerability and possibly execute arbitrary code by opening a crafted .MP4 file.

CPENameOperatorVersion
bento4eq1.5.0-611
bento4eq1.4.2-591
bento4eq1.4.2-588
bento4eq1.5.0-613
bento4eq1.4.3-600
bento4eq1.4.2-590
bento4eq1.4.3-608
bento4eq1.4.2-589
bento4eq1.5.0-610
bento4eq1.4.3-598

Name	Operator	Version
bento4	eq	1.5.0-611
bento4	eq	1.4.2-591
bento4	eq	1.4.2-588
bento4	eq	1.5.0-613
bento4	eq	1.4.3-600
bento4	eq	1.4.2-590
bento4	eq	1.4.3-608
bento4	eq	1.4.2-589
bento4	eq	1.5.0-610
bento4	eq	1.4.3-598