18 matches found
Linux Distros Unpatched Vulnerability : CVE-2019-17528
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Bento4 1.5.1.0. There is a SEGV in the function AP4TfhdAtom::SetDefaultSampleSize at Core/Ap4TfhdAtom.h when called from...
Linux Distros Unpatched Vulnerability : CVE-2019-15050
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Bento4 1.5.1.0. There is a heap-based buffer over-read in the AP4AvccAtom class at Core/Ap4AvccAtom.cpp. CVE-2019-15050 Note that...
Linux Distros Unpatched Vulnerability : CVE-2019-20092
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Bento4 1.5.1.0. There is a NULL pointer dereference in AP4Descriptor::GetTag in mp42ts when called from...
CVE-2019-17453
Bento4 1.5.1.0 has a NULL pointer dereference in AP4DescriptorListWriter::Action in Core/Ap4Descriptor.h, related to AP4IodsAtom::WriteFields in Core/Ap4IodsAtom.cpp, as demonstrated by mp4encrypt or mp4compact...
CVE-2019-17530
An issue was discovered in Bento4 1.5.1.0. There is a heap-based buffer over-read in AP4PrintInspector::AddField in Core/Ap4Atom.cpp when called from AP4CencSampleEncryption::DoInspectFields in Core/Ap4CommonEncryption.cpp, when called from AP4Atom::Inspect in Core/Ap4Atom.cpp...
Design/Logic Flaw
The AP4CttsAtom class in Core/Ap4CttsAtom.cpp in Bento4 1.5.1.0 allows remote attackers to cause a denial of service application crash, related to a memory allocation failure, as demonstrated by mp2aac...
CVE-2019-20092
An issue was discovered in Bento4 1.5.1.0. There is a NULL pointer dereference in AP4Descriptor::GetTag in mp42ts when called from AP4EsDescriptor::GetDecoderConfigDescriptor in Ap4EsDescriptor.cpp...
Null pointer dereference
An issue was discovered in Bento4 1.5.1.0. There is a NULL pointer dereference in AP4Descriptor::GetTag in mp42ts when called from AP4EsDescriptor::GetDecoderConfigDescriptor in Ap4EsDescriptor.cpp...
UBUNTU-CVE-2019-20090
An issue was discovered in Bento4 1.5.1.0. There is a use-after-free in AP4Sample::GetOffset in Core/Ap4Sample.h when called from Ap4LinearReader.cpp...
CVE-2019-20091
CVE-2019-20091 affects Bento4 1.5.1.0. The issue is a NULL pointer dereference in AP4_Descriptor::GetTag within mp42ts, triggered via AP4_DecoderConfigDescriptor::GetDecoderSpecificInfoDescriptor in Ap4DecoderConfigDescriptor.cpp. Documented impact includes potential instability (CVSS metrics ind...
CVE-2019-17528
An issue was discovered in Bento4 1.5.1.0. There is a SEGV in the function AP4TfhdAtom::SetDefaultSampleSize at Core/Ap4TfhdAtom.h when called from AP4Processor::ProcessFragments in Core/Ap4Processor.cpp...
CVE-2019-17528
An issue was discovered in Bento4 1.5.1.0. There is a SEGV in the function AP4TfhdAtom::SetDefaultSampleSize at Core/Ap4TfhdAtom.h when called from AP4Processor::ProcessFragments in Core/Ap4Processor.cpp...
CVE-2019-17529
An issue was discovered in Bento4 1.5.1.0. There is a heap-based buffer over-read in AP4CencSampleEncryption::DoInspectFields in Core/Ap4CommonEncryption.cpp when called from AP4Atom::Inspect in Core/Ap4Atom.cpp...
CVE-2019-17528
An issue was discovered in Bento4 1.5.1.0. There is a SEGV in the function AP4TfhdAtom::SetDefaultSampleSize at Core/Ap4TfhdAtom.h when called from AP4Processor::ProcessFragments in Core/Ap4Processor.cpp...
CVE-2019-17530
Bento4 1.5.1.0 contains a heap-based buffer over-read in AP4_PrintInspector::AddField, triggered when AP4_CencSampleEncryption::DoInspectFields is invoked via AP4_Atom::Inspect (Core/Ap4Atom.cpp). This path affects the inspector logic in Core/Ap4CommonEncryption.cpp and can be reached during Atom...
Null pointer dereference
Bento4 1.5.1.0 has a NULL pointer dereference in AP4DescriptorListWriter::Action in Core/Ap4Descriptor.h, related to AP4IodsAtom::WriteFields in Core/Ap4IodsAtom.cpp, as demonstrated by mp4encrypt or mp4compact...
CVE-2019-17452
Bento4 1.5.1.0 has a NULL pointer dereference in AP4DescriptorListInspector::Action in Core/Ap4Descriptor.h, related to AP4IodsAtom::InspectFields in Core/Ap4IodsAtom.cpp, as demonstrated by mp4dump...
UBUNTU-CVE-2019-15049
An issue was discovered in Bento4 1.5.1.0. There is a heap-based buffer over-read in the AP4Dec3Atom class at Core/Ap4Dec3Atom.cpp...