CVE-2019-20090
Bento4 1.5.1.0 contains a use-after-free in AP4_Sample::GetOffset (Core/Ap4Sample.h) when invoked from Ap4LinearReader.cpp. This is the concrete root cause described in the CVE entry. The issue affects Bento4’s MP4 parsing/writing runtime, enabling an attacker-controlled scenario to potentially t...