in axiomatic-systems/bento4

✍️ Description NULL pointer dereference of Ap4StszAtom.cpp in function GetSampleSize 🕵️‍♂️ Proof of Concept Verification steps： 1.Get the source code of Bento4 2.Compile the Bento4 bash $ cd Bento4 $ mkdir checkbuild && cd checkbuild $ cmake ../ -DCMAKECCOMPILER=clang -DCMAKECXXCOMPILER=clang++...

CVE-2020-23912

An issue was discovered in Bento4 through v1.6.0-637. A NULL pointer dereference exists in the function AP4StszAtom::GetSampleSize located in Ap4StszAtom.cpp. It allows an attacker to cause Denial of Service...

Design/Logic Flaw

In the SDK in Bento4 1.5.0-616, the AP4StszAtom class in Ap4StszAtom.cpp file contains a Read Memory Access Violation vulnerability. It is possible to exploit this vulnerability by opening a crafted .MP4 file...

CVE-2017-14261

CVE-2017-14261 affects Bento4 1.5.0-616 in the SDK. The AP4_StszAtom class (Ap4StszAtom.cpp) contains a Read Memory Access Violation vulnerability that can be exploited by opening a crafted .MP4 file. The connected sources confirm the vulnerability exists in this specific component/version, with ...