CVE-2022-3974 Axiomatic Bento4 mp4info Ap4StdCFileByteStream.cpp ReadPartial heap-based overflow

A vulnerability classified as critical was found in Axiomatic Bento4. Affected by this vulnerability is the function AP4StdcFileByteStream::ReadPartial of the file Ap4StdCFileByteStream.cpp of the component mp4info. The manipulation leads to heap-based buffer overflow. The attack can be launched...

CVE-2022-41847

An issue was discovered in Bento4 1.6.0-639. A memory leak exists in AP4StdcFileByteStream::CreateAP4FileByteStream, char const, AP4FileByteStream::Mode, AP4ByteStream& in System/StdC/Ap4StdCFileByteStream.cpp...

CVE-2022-40737

An issue was discovered in Bento4 through 1.6.0-639. A buffer over-read exists in the function AP4StdcFileByteStream::WritePartial located in System/StdC/Ap4StdCFileByteStream.cpp, called from AP4ByteStream::Write and AP4HdlrAtom::WriteFields...

CVE-2022-40737

An issue was discovered in Bento4 through 1.6.0-639. A buffer over-read exists in the function AP4StdcFileByteStream::WritePartial located in System/StdC/Ap4StdCFileByteStream.cpp, called from AP4ByteStream::Write and AP4HdlrAtom::WriteFields...