EUVD-2019-11167

Malware in sbrugna...

EUVD-2019-11169

Malware in sbrugna...

CVE-2019-20630

An issue was discovered in libgpac.a in GPAC before 0.8.0, as demonstrated by MP4Box. It contains a heap-based buffer over-read in BSReadByte called from gfbsreadbit in utils/bitstream.c that can cause a denial of service via a crafted MP4 file...

NULL Pointer Dereference

libgpac.so is vulnerable to NULL Pointer Dereference. The vulnerability is due to the gfavcchangevui function within avparsers.c because there is no validation on the avcc pointer utilizing it. This can lead to a null pointer dereference, resulting in Denial of Service...

NULL Pointer Dereference

libgpac.so is vulnerable to NULL Pointer Dereference vulnerability. The vulnerability is due to a defect in function gfxmlsaxparseintern in file utils/xmlparser.c and file filters/dasher.c. The attacker can exploit this vulnerability to mount Denial Of Service DOS attack...

NULL Pointer Dereference

libgpac.so is vulnerable to NULL Pointer Dereference. The vulnerability exists in xmlsaxappendstring function at xmlparser.c which allows an attacker to cause denial of service...

Heap-based Buffer Overflow

libgpac.so is vulnerable to Heap-based Buffer Overflow. The vulnerability exists in adtsdmxprocess function in reframeadts.c due to improper validations of buffer size which allows an attacker to cause an overflow resulting in an application crash...

Heap-based Buffer Overflow

libgpac.so is vulnerable to Heap-based Buffer Overflow. The vulnerability exists in mp3dmxprocess function of filters/reframemp3.c due to improper validations of buffer size which allows an attacker to cause an overflow resulting in an application crash...

Heap-based Buffer Overflow

libgpac.so is vulnerable to Heap-based Buffer Overflow. A local attacker is able to cause heap-based buffer overflows due to improper validation logics in the avcparseslice function in avparsers.c...

Heap-based Buffer Overflow

libgpac.so is vulnerable to Heap-based Buffer Overflow. A local attacker is able to cause heap-based buffer overflows due to improper memory management operations in eac3updatechannels function of mediatools/avparsers.c...

Use After Free

libgpac.so is vulnerable to Use-After-Free. The vulnerability exists due to a lack of entity value validations in the m2tsdmxdeclarepid parameter in dmxm2ts.c which leads to memory consumption resulting in an application crash...

Denial Of Service (DoS)

libgpac.so is vulnerable to denial of service. The vulnerability exists through the heap-buffer-overflow in the schmboxread function of boxcodedrm.c because the function does not properly check the length of URI, allowing an attacker to crash the application by providing a maliciously crafted fil...

Information Disclosure

libgpac.so is vulnerable to information disclosure. A local attacker is able to gain access to sensitive user information due to a memory leak in the gfisomgetrootod function in MP4Box using a specifically crafted file...

Buffer Overflow

libgpac.so is vulnerable to buffer overflows. The vulnerability exists in diSTboxread in boxcode3gpp.c because when gpac parses an mp4 file, the video content and the buffer length is controllable by the user which causes a stack overflow...

Denial Of Service (DoS)

libgpac.so is vulnerable to denial of service. The vulnerability exists because it causes stack overflow in the function gfnodegetname at scenegraph/basescenegraph.c, leading to an application crash...

Denial Of Service (DoS)

libgpac is vulnerable to denial of service. The vulnerability exists due to an invalid memory address dereference via the function shiftchunkoffsets.isra...

Denial Of Service (DoS)

libgpac is vulnerable to denial of service. The vulnerability exists due to an invalid call in the function gfnodechanged...

Denial Of Service (DoS)

libgpac.so is vulnerable to denial of service. The attacker can send a malicious file to the function ilstitemboxdump located in boxdump.c, causing a null pointer dereference and application crash...