EUVD-2020-3909

Malware in sbrugna...

Denial Of Service (DoS)

gpac is vulnerable to denial of service DoS. The vulnerability exists in audiosampleentryAddBox function in isomedia/boxcodebase.c, allowing a malicious user to cause an application crash via a crafted file...

GPAC Resource Management Error Vulnerability (CNVD-2020-23405)

GPAC is an open source multimedia framework. A resource management error vulnerability exists in the libgpac.a file in GPAC version 0.8.0, which stems from a failure of audiosampleentryRead in the isomedia/boxcodebase.c file to correctly determine when to make a gfisomboxdel call. An attacker cou...

UBUNTU-CVE-2020-11558

An issue was discovered in libgpac.a in GPAC 0.8.0, as demonstrated by MP4Box. audiosampleentryRead in isomedia/boxcodebase.c does not properly decide when to make gfisomboxdel calls. This leads to various use-after-free outcomes involving mdiaRead, gfisomdeletemovie, and gfisomparsemovieboxes...

CVE-2020-11558

An issue was discovered in libgpac.a in GPAC 0.8.0, as demonstrated by MP4Box. audiosampleentryRead in isomedia/boxcodebase.c does not properly decide when to make gfisomboxdel calls. This leads to various use-after-free outcomes involving mdiaRead, gfisomdeletemovie, and gfisomparsemovieboxes...

CVE-2020-11558

An issue was discovered in libgpac.a in GPAC 0.8.0, as demonstrated by MP4Box. audiosampleentryRead in isomedia/boxcodebase.c does not properly decide when to make gfisomboxdel calls. This leads to various use-after-free outcomes involving mdiaRead, gfisomdeletemovie, and gfisomparsemovieboxes...

GPAC Buffer Overflow Vulnerability (CNVD-2019-40502)

GPAC is a multimedia framework for rich media and distributed under the LGPL license. A heap buffer overflow vulnerability exists in audiosampleentryAddBox in isomedia/boxcodebase.c in GPAC 0.7.1. An attacker could exploit this vulnerability via specially crafted files to cause a denial of servic...

DEBIAN-CVE-2018-21016

audiosampleentryAddBox at isomedia/boxcodebase.c in GPAC 0.7.1 allows remote attackers to cause a denial of service heap-based buffer over-read and application crash via a crafted file...

UBUNTU-CVE-2018-21016

audiosampleentryAddBox at isomedia/boxcodebase.c in GPAC 0.7.1 allows remote attackers to cause a denial of service heap-based buffer over-read and application crash via a crafted file...

PT-2019-10441 · Gpac · Gpac

Name of the Vulnerable Software and Affected Versions: GPAC version 0.7.1 Description: The issue allows remote attackers to cause a denial of service, resulting in a heap-based buffer over-read and application crash, via a crafted file. This is related to the audio sample entry AddBox function at...