30 matches found
CVE-2019-11221
GPAC 0.7.1 has a buffer overflow issue in gfimportmessage in mediaimport.c...
EUVD-2018-19465
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2019-11222
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - gfbin128parse in utils/osdivers.c in GPAC 0.7.1 has a buffer overflow issue for the crypt feature when encountering a crafteddrmfile.xml file. CVE-2019-11222 No...
CVE-2018-21015
AVCDuplicateConfig at isomedia/avcext.c in GPAC 0.7.1 allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted file. There is "cfgnew-AVCLevelIndication = cfg-AVCLevelIndication;" but cfg could be NULL...
CVE-2018-21017
GPAC 0.7.1 has a memory leak in dinfRead in isomedia/boxcodebase.c...
CVE-2018-21015
AVCDuplicateConfig at isomedia/avcext.c in GPAC 0.7.1 allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted file. There is "cfgnew-AVCLevelIndication = cfg-AVCLevelIndication;" but cfg could be NULL...
CVE-2018-21017
GPAC 0.7.1 has a memory leak in dinfRead in isomedia/boxcodebase.c...
Memory corruption
GPAC 0.7.1 has a memory leak in dinfRead in isomedia/boxcodebase.c...
Heap overflow
audiosampleentryAddBox at isomedia/boxcodebase.c in GPAC 0.7.1 allows remote attackers to cause a denial of service heap-based buffer over-read and application crash via a crafted file...
CVE-2018-21017
GPAC 0.7.1 has a memory leak in dinfRead in isomedia/boxcodebase.c...
CVE-2018-21015
AVCDuplicateConfig at isomedia/avcext.c in GPAC 0.7.1 allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted file. There is "cfgnew-AVCLevelIndication = cfg-AVCLevelIndication;" but cfg could be NULL...
Null pointer dereference
AVCDuplicateConfig at isomedia/avcext.c in GPAC 0.7.1 allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted file. There is "cfgnew-AVCLevelIndication = cfg-AVCLevelIndication;" but cfg could be NULL...
CVE-2018-21015
CVE-2018-21015 affects GPAC 0.7.1: AVC_DuplicateConfig() in isomedia/avc_ext.c may dereference a NULL cfg pointer when processing crafted files, causing a denial of service. Documents indicate this vulnerability is fixed in GPAC updates (e.g., GPAC 0.8.0 and later) via vendor advisories (Debian/M...
CVE-2018-21015
AVCDuplicateConfig at isomedia/avcext.c in GPAC 0.7.1 allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted file. There is "cfgnew-AVCLevelIndication = cfg-AVCLevelIndication;" but cfg could be NULL...
CVE-2018-21017
GPAC 0.7.1 is affected by a memory leak in dinf_Read (isomedia/box_code_base.c) related to CVE-2018-21017. The CVE is documented across multiple sources (NVD/NASL/Red Hat/Ubuntu mentions) and has CVSS v3.1 base score 6.5 (network, low complexity, user interaction required) with a high impact on a...
CVE-2018-21017
GPAC 0.7.1 has a memory leak in dinfRead in isomedia/boxcodebase.c...
CVE-2018-21017
GPAC 0.7.1 has a memory leak in dinfRead in isomedia/boxcodebase.c...
CVE-2019-12483
An issue was discovered in GPAC 0.7.1. There is a heap-based buffer overflow in the function ReadGFIPMPXRemoveToolNotificationListener in odf/ipmpxcode.c in libgpac.a, as demonstrated by MP4Box...
CVE-2019-12481
An issue was discovered in GPAC 0.7.1. There is a NULL pointer dereference in the function GetESD at isomedia/track.c in libgpac.a, as demonstrated by MP4Box...
CVE-2019-12482
An issue was discovered in GPAC 0.7.1. There is a NULL pointer dereference in the function gfisomgetoriginalformattype at isomedia/drmsample.c in libgpac.a, as demonstrated by MP4Box...