GPAC 代码问题漏洞

GPAC is a multimedia framework for rich media and distributed under the LGPL license. A null pointer dereference vulnerability exists in the filtercore/filterpck.c:gffilterpcknewallocinternal function in GPAC version 1.0.1. An attacker could exploit this vulnerability to cause a program crash...

GPAC 代码问题漏洞

GPAC is a multimedia framework for rich media and distributed under the LGPL license. A null pointer dereference vulnerability exists in the MergeTrack function in GPAC version 1.0.1. An attacker can exploit this vulnerability via specially crafted files to cause a denial of service...

GPAC 缓冲区错误漏洞

GPAC is a multimedia framework for rich media and distributed under the LGPL license. A buffer overflow vulnerability exists in the abstboxread function in MP4Box in GPAC version 1.0.1. An attacker could exploit this vulnerability via specially crafted files to cause a denial of service or execut...

GPAC 代码问题漏洞

GPAC is a multimedia framework for rich media and distributed under the LGPL license. A null pointer dereference vulnerability exists in the gfisomsetextractionslc function in GPAC version 1.0.1. An attacker could exploit this vulnerability via specially crafted files to cause a denial of service...

GPAC 缓冲区错误漏洞

GPAC is a multimedia framework for rich media and distributed under the LGPL license. A heap overflow vulnerability exists in the gfhevcreadppsbsinternal function in mediatools/avparsers.c in GPAC version 1.0.1. An attacker can exploit this vulnerability via specially crafted files to cause a...

GPAC 0.8.0 suffers from a denial of service vulnerability

GPAC is a framework for the development of multimedia for research and academia. A denial of service vulnerability exists in GPAC 0.8.0, which can be exploited by an attacker to cause a denial of service attack...

Memory Corruption Vulnerability in VLC Player (CNVD-2021-16334)

VLC is a cross-platform multimedia player and framework for playing most multimedia files, as well as DVDs, audio CDs, VCDs and various streaming protocols. VLC Player suffers from a memory corruption vulnerability that can be exploited by attackers to cause a denial of service...

Debian DLA-2537-1 : ffmpeg security update

Two vulnerabilities have been discovered in ffmpeg, a widely used multimedia framework. CVE-2019-17539 a NULL pointer dereference and possibly unspecified other impact when there is no valid close function pointer CVE-2020-35965 an out-of-bounds write because of errors in calculations of when to...

Debian: Security Advisory (DLA-2537-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DLA 2537-1] ffmpeg security update

Debian LTS Advisory DLA-2537-1 [email protected] https://www.debian.org/lts/security/ Roberto C. Sánchez January 31, 2021 https://wiki.debian.org/LTS Package : ffmpeg Version : 7:3.2.15-0+deb9u2 CVE ID : CVE-2019-17539 CVE-2020-35965 Debian Bug : 979999 Two vulnerabilities have been...

Debian DLA-2528-1 : gst-plugins-bad1.0 security update

Andrew Wesie discovered a buffer overflow in the H264 support of the GStreamer multimedia framework, which could potentially result in the execution of arbitrary code. For Debian 9 stretch, this problem has been fixed in version 1.10.4-1+deb9u1. We recommend that you upgrade your gst-plugins-bad1...

Debian DLA-2291-1 : ffmpeg security update

Several vulnerabilities have been fixed by upgrading FFmpeg, a widely used multimedia framework, from 3.2.14 to 3.2.15. CVE-2019-13390 rawenc: Only accept the appropriate stream type for raw muxers. CVE-2019-17542 Heap-based buffer overflow in vqadecodechunk. CVE-2020-13904 Use-after-free via a...

[SECURITY] [DLA 2291-1] ffmpeg security update

Debian LTS Advisory DLA-2291-1 [email protected] https://www.debian.org/lts/security/ July 27, 2020 https://wiki.debian.org/LTS Package : ffmpeg Version : 7:3.2.15-0+deb9u1 CVE ID : CVE-2019-13390 CVE-2019-17542 CVE-2020-13904 Debian Bug : Several vulnerabilities have been fixed by...

Debian: Security Advisory (DSA-4722-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Google Android Media Framework Input Validation Error Vulnerability (CNVD-2020-36926)

Android is a Linux-based open source operating system from Google and the Open Handset Alliance OHA in the U.S. Media Framework is one of the multimedia development frameworks. A security vulnerability exists in Media Framework in Android version 10. The vulnerability can be exploited by an...

Vulnerability Spotlight: Information disclosure vulnerability in Microsoft Media Foundation

Marcin “Icewall” Noga of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. Microsoft Media Foundation contains an information disclosure vulnerability that could allow an attacker to eventually remotely execute code on the victim machine. Media Foundation is a COM-based multimedia...

GPAC Resource Management Error Vulnerability (CNVD-2020-23405)

GPAC is an open source multimedia framework. A resource management error vulnerability exists in the libgpac.a file in GPAC version 0.8.0, which stems from a failure of audiosampleentryRead in the isomedia/boxcodebase.c file to correctly determine when to make a gfisomboxdel call. An attacker cou...

Vulnerability Spotlight: Denial-of-service vulnerability in GStreamer

Peter Wang of Cisco ASIG discovered this vulnerability. Blog by Jon Munshaw. Cisco Talos recently discovered a denial-of-service vulnerability in GStreamer, a pipeline-based multimedia framework. GStreamer contains gst-rtsp-server, an open-source library that allows the user to build RTSP servers...

Debian DLA-2072-1 : gpac security update

Multiple issues were found in gpac, a multimedia framework featuring the MP4Box muxer. CVE-2018-21015 AVCDuplicateConfig at isomedia/avcext.c allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted file. CVE-2018-21016 audiosampleentryAddB...

[SECURITY] [DLA 2072-1] gpac security update

Package : gpac Version : 0.5.0+svn5324dfsg1-1+deb8u5 CVE ID : CVE-2018-21015 CVE-2018-21016 CVE-2019-13618 CVE-2019-20161 CVE-2019-20162 CVE-2019-20163 CVE-2019-20165 CVE-2019-20170 CVE-2019-20171 CVE-2019-20208 Debian Bug : 940882 932242 Multiple issues were found in gpac, a multimedia framework...