Linux Distros Unpatched Vulnerability : CVE-2018-1000100

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GPAC MP4Box version 0.7.1 and earlier contains a Buffer Overflow vulnerability in src/isomedia/avcext.c lines 2417 to 2420 that can result in Heap chunks being...

Memory Leak

libgpac.so is vulnerable to Memory Leak. The vulnerability exists in the gfisomoinfreadentry function of avcext.c, which allows an attacker to read memory through the maliciously crafted file...

Use-After-Free

libgpac.so is vulnerable to use-after-free. The vulnerability is possible because of a flaw in the gfisomdoviconfigget function of the file avcext.c, which allows a remote attacker to cause heap use-after-free...

Heap overflow

A heap-buffer-overflow had occurred in function gfisomdoviconfigget of isomedia/avcext.c:2490, as demonstrated by MP4Box. This vulnerability was fixed in commit fef6242...

Arbitrary Code Execution

gpac is vulnerable to arbitrary code execution. The vulnerability exists as processing a mp4 file can cause buffer overflow in src/isomedia/avcext.c...

CVE-2018-21015

CVE-2018-21015 affects GPAC 0.7.1: AVC_DuplicateConfig() in isomedia/avc_ext.c may dereference a NULL cfg pointer when processing crafted files, causing a denial of service. Documents indicate this vulnerability is fixed in GPAC updates (e.g., GPAC 0.8.0 and later) via vendor advisories (Debian/M...