DEBIAN-CVE-2025-70116

A NULL pointer dereference in GPAC MP4Box: when parsing certain truncated MP4 files, an unknown/invalid stsd entry can result in missing descriptor fields e.g., codec/mime/profile strings. gfmediamapesd then calls strlen on a NULL pointer, triggering a crash ASan SEGV...

EUVD-2019-7843

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2018-14544

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - There exists one invalid memory read bug in AP4SampleDescription::GetFormat in Ap4SampleDescription.h in Bento4 1.5.1-624, which can allow attackers to cause a...

PT-2024-19550 · Gpac +2 · Gpac +2

Name of the Vulnerable Software and Affected Versions: GPAC version 2.3 Description: A buffer overflow issue was detected in GPAC via the gf isom new generic sample description function in the isomedia/isom write.c file at line 4577. This issue can be exploited, potentially leading to security...

CVE-2019-17454

Bento4 1.5.1.0 has a NULL pointer dereference in AP4Descriptor::GetTag in Core/Ap4Descriptor.h, related to AP4StsdAtom::GetSampleDescription in Core/Ap4StsdAtom.cpp, as demonstrated by mp4info...

UBUNTU-CVE-2019-17454

Bento4 1.5.1.0 has a NULL pointer dereference in AP4Descriptor::GetTag in Core/Ap4Descriptor.h, related to AP4StsdAtom::GetSampleDescription in Core/Ap4StsdAtom.cpp, as demonstrated by mp4info...

UBUNTU-CVE-2018-14544

There exists one invalid memory read bug in AP4SampleDescription::GetFormat in Ap4SampleDescription.h in Bento4 1.5.1-624, which can allow attackers to cause a denial-of-service via a crafted mp4 file. This vulnerability can be triggered by the executable mp42ts...

Bento4 Invalid Memory Read Vulnerability

Bento4 is a C++ class library and tool for reading and writing ISO-MP4 files. An invalid memory read vulnerability exists in AP4SampleDescription::GetType in Ap4SampleDescription.h in Bento4 1.5.1-624, which can be exploited by an attacker to cause a denial of service via specially crafted mp4...

Bento4 Invalid Memory Read Vulnerability (CNVD-2019-05129)

Bento4 is a C++ class library and tool for reading and writing ISO-MP4 files. An invalid memory read vulnerability exists in AP4SampleDescription::GetFormat in Ap4SampleDescription.h in Bento4 1.5.1-624, which can be exploited by an attacker to cause a denial of service via specially crafted mp4...

CVE-2010-0528

Apple QuickTime before 7.6.6 on Windows allows remote attackers to execute arbitrary code or cause a denial of service memory corruption and application crash via crafted color tables in a movie file, related to malformed MediaVideo data, a sample description atom STSD, and a crafted length value...

Advisory: Apple QuickTime Image Description Atom Sign Extension Memory Corruption

INTRODUCTION ============ According to QuickTime's specification, The sample description atom STSD stores information that allows QuickTime to decode samples in the media. It has the following structure: 0 DWORD Size 4 DWORD Type 8 BYTE Version 9 BYTE3 FLAGS 12 DWORD Number of entries 16 DWORD...