Buffer overflow

MP4Box is a component of GPAC-2.0.0, which is a widely-used third-party package on RPM Fusion. When MP4Box tries to parse a MP4 file, it calls the function diSTboxread to read from video. In this function, it allocates a buffer str with fixed length. However, content read from bs is controllable ...

UBUNTU-CVE-2022-1441

MP4Box is a component of GPAC-2.0.0, which is a widely-used third-party package on RPM Fusion. When MP4Box tries to parse a MP4 file, it calls the function diSTboxread to read from video. In this function, it allocates a buffer str with fixed length. However, content read from bs is controllable ...

CVE-2022-1441

MP4Box is a component of GPAC-2.0.0, which is a widely-used third-party package on RPM Fusion. When MP4Box tries to parse a MP4 file, it calls the function diSTboxread to read from video. In this function, it allocates a buffer str with fixed length. However, content read from bs is controllable ...

PT-2022-13892 · Gpac · Gpac

Name of the Vulnerable Software and Affected Versions: GPAC versions 2.0.0 Description: The issue arises when MP4Box, a component of GPAC, attempts to parse a MP4 file. It calls the function diST box read to read from the video, allocating a buffer str with a fixed length. However, the content re...

GPAC 缓冲区错误漏洞

GPAC is an open source multimedia framework. GPAC suffers from a buffer error vulnerability that stems from the fact that when MP4Box tries to parse an MP4 file, it calls the function diSTboxread to read from the video. In this function, it allocates a fixed-length buffer str. However, reading fr...

CVE-2022-1441

CVE-2022-1441 concerns MP4Box, a component of GPAC-2.0.0. The issue occurs in diST_box_read() where a buffer str is allocated with a fixed length, but data read from bs (and its length) are user-controlled, enabling a buffer overflow. Public advisories reference GPAC-related fixes: Debian DSA-541...

CVE-2022-1441

MP4Box is a component of GPAC-2.0.0, which is a widely-used third-party package on RPM Fusion. When MP4Box tries to parse a MP4 file, it calls the function diSTboxread to read from video. In this function, it allocates a buffer str with fixed length. However, content read from bs is controllable ...

CVE-2022-29537

gprtpbuilderdohevc in ietf/rtppckmpeg4.c in GPAC 2.0.0 has a heap-based buffer over-read, as demonstrated by MP4Box...

DEBIAN-CVE-2022-29537

gprtpbuilderdohevc in ietf/rtppckmpeg4.c in GPAC 2.0.0 has a heap-based buffer over-read, as demonstrated by MP4Box...

CVE-2022-29537

gprtpbuilderdohevc in ietf/rtppckmpeg4.c in GPAC 2.0.0 has a heap-based buffer over-read, as demonstrated by MP4Box...

CVE-2022-29537

gprtpbuilderdohevc in ietf/rtppckmpeg4.c in GPAC 2.0.0 has a heap-based buffer over-read, as demonstrated by MP4Box...

CVE-2022-29537

gprtpbuilderdohevc in ietf/rtppckmpeg4.c in GPAC 2.0.0 has a heap-based buffer over-read, as demonstrated by MP4Box...

UBUNTU-CVE-2022-29537

gprtpbuilderdohevc in ietf/rtppckmpeg4.c in GPAC 2.0.0 has a heap-based buffer over-read, as demonstrated by MP4Box...

Heap overflow

gprtpbuilderdohevc in ietf/rtppckmpeg4.c in GPAC 2.0.0 has a heap-based buffer over-read, as demonstrated by MP4Box...

CVE-2022-29537

gprtpbuilderdohevc in ietf/rtppckmpeg4.c in GPAC 2.0.0 has a heap-based buffer over-read, as demonstrated by MP4Box...

PT-2022-19687 · Gpac · Gpac

Name of the Vulnerable Software and Affected Versions: GPAC version 2.0.0 Description: The issue is related to a heap-based buffer over-read in the gp rtp builder do hevc function, located in the ietf/rtp pck mpeg4.c file. This problem is demonstrated by MP4Box. Recommendations: For GPAC version...

Stack Overflow

gpac is vulnerable to stack-overflow. The vulnerability exists in gfisomgetsampleformovietime function of mp4box which allows an attacker to cause an application crash...

The vulnerability of the gf_dashSegmenter_probe_input function in the MP4Box module of the GPAC multimedia platform allows a intruder to cause a service failure.

The vulnerability of the gfdashsegmenterprobeinput function in the MP4Box component of the GPAC multimedia platform is related to pointer assignment errors. Exploiting this vulnerability allows a remote attacker to trigger a service failure using a specially created file...

CVE-2022-27146

GPAC mp4box 1.1.0-DEV-rev1759-geb2d1e6dd-has a heap-buffer-overflow vulnerability in function gfisomappleenumtag...

CVE-2022-27145

GPAC mp4box 1.1.0-DEV-rev1727-g8be34973d-master has a stack-overflow vulnerability in function gfisomgetsampleformovietime of mp4box...