3 matches found
CVE-2022-3785 Axiomatic Bento4 Avcinfo SetDataSize heap-based overflow
A vulnerability, which was classified as critical, has been found in Axiomatic Bento4. Affected by this issue is the function AP4DataBuffer::SetDataSize of the component Avcinfo. The manipulation leads to heap-based buffer overflow. The attack may be launched remotely. The exploit has been...
CVE-2019-13959
In Bento4 1.5.1-627, AP4DataBuffer::SetDataSize does not handle reallocation failures, leading to a memory copy into a NULL pointer. This is different from CVE-2018-20186...
CVE-2018-20186
An issue was discovered in Bento4 1.5.1-627. AP4Sample::ReadData in Core/Ap4Sample.cpp allows attackers to trigger an attempted excessive memory allocation, related to AP4DataBuffer::SetDataSize and AP4DataBuffer::ReallocateBuffer in Core/Ap4DataBuffer.cpp...