CVE-2021-31257

The HintFile function in GPAC 1.0.1 allows attackers to cause a denial of service NULL pointer dereference via a crafted file in the MP4Box command...

CVE-2021-31262

The AV1DuplicateConfig function in GPAC 1.0.1 allows attackers to cause a denial of service NULL pointer dereference via a crafted file in the MP4Box command...

CVE-2021-31260

The MergeTrack function in GPAC 1.0.1 allows attackers to cause a denial of service NULL pointer dereference via a crafted file in the MP4Box command...

CVE-2021-31261

The gfhintertracknew function in GPAC 1.0.1 allows attackers to read memory via a crafted file in the MP4Box command...

CVE-2021-31260

CVE-2021-31260 affects GPAC 1.0.1: the MergeTrack function can be triggered by a crafted MP4Box file, causing a NULL pointer dereference and a denial of service. Exploitation details are not provided beyond this description in the sources, but multiple advisories reference a vulnerability in GPAC...

CVE-2021-31258

The gfisomsetextractionslc function in GPAC 1.0.1 allows attackers to cause a denial of service NULL pointer dereference via a crafted file in the MP4Box command...

CVE-2021-31259

The gfisomcencgetdefaultinfointernal function in GPAC 1.0.1 allows attackers to cause a denial of service NULL pointer dereference via a crafted file in the MP4Box command...

PT-2022-11277 · Gpac +1 · Gpac +1

Name of the Vulnerable Software and Affected Versions: GPAC version 1.0.1 Description: The issue allows attackers to cause a denial of service via a crafted file in the MP4Box command. This is due to a problem in the gf hinter track finalize function. Recommendations: For GPAC version 1.0.1,...