Bento4 缓冲区错误漏洞

Bento4 is an open source C++ library for reading and writing MP4 files. A denial of service vulnerability exists in Bento4 version v1.6.0-639, which stems from the AP4TrunAtom::SetDataOffsetint function in Ap4TrunAtom.h containing a segmentation violation. An attacker can exploit this vulnerabili...

DEBIAN-CVE-2021-21850

An exploitable integer overflow vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input can cause an integer overflow when the library encounters an atom using the “trun” FOURCC code due to unchecked...

UBUNTU-CVE-2021-21850

An exploitable integer overflow vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input can cause an integer overflow when the library encounters an atom using the “trun” FOURCC code due to unchecked...

UBUNTU-CVE-2019-16349

Bento4 1.5.1-628 has a NULL pointer dereference in AP4ByteStream::ReadUI32 in Core/Ap4ByteStream.cpp when called from the AP4TrunAtom class...

ZDI-11-254: Apple QuickTime 'trun' atom sampleCount Integer Overflow Remote Code Execution Vulnerability

ZDI-11-254: Apple QuickTime 'trun' atom sampleCount Integer Overflow Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-254 August 16, 2011 -- CVE ID: CVE-2011-0256 -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P -- Affected Vendors: Apple -- Affected Products: Apple...

Apple QuickTime 'trun' atom sampleCount Integer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Quicktime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Quicktim...