10 matches found
Allocation of Resources Without Limits or Throttling
Overview bento4 is a Full-featured MP4 format, MPEG DASH, HLS, CMAF SDK and tools. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the SetDataSize function in Mp4Decrypt.cpp of the mp4decrypt component. An attacker can cause excessive...
CVE-2025-8537
A vulnerability, which was classified as problematic, was found in Axiomatic Bento4 up to 1.6.0-641. Affected is the function AP4DataBuffer::SetDataSize of the file Mp4Decrypt.cpp of the component mp4decrypt. The manipulation leads to allocation of resources. It is possible to launch the attack...
Bento4 安全漏洞
Bento4 is an open source C++ library for reading and writing MP4 files. Bento4 suffers from a denial of service vulnerability caused by a flaw in the Mp4Decrypt file Mp4Decrypt.cpp function AP4DataBuffer::SetDataSize. An attacker can exploit this vulnerability to cause a denial of service...
CVE-2022-3785
A vulnerability, which was classified as critical, has been found in Axiomatic Bento4. Affected by this issue is the function AP4DataBuffer::SetDataSize of the component Avcinfo. The manipulation leads to heap-based buffer overflow. The attack may be launched remotely. The exploit has been...
CVE-2022-3785 Axiomatic Bento4 Avcinfo SetDataSize heap-based overflow
A vulnerability, which was classified as critical, has been found in Axiomatic Bento4. Affected by this issue is the function AP4DataBuffer::SetDataSize of the component Avcinfo. The manipulation leads to heap-based buffer overflow. The attack may be launched remotely. The exploit has been...
PT-2022-24113 · Axiomatic · Axiomatic Bento4
Name of the Vulnerable Software and Affected Versions: Axiomatic Bento4 affected versions not specified Description: A critical issue has been found in Axiomatic Bento4, affecting the function AP4 DataBuffer::SetDataSize of the Avcinfo component. This issue leads to a heap-based buffer overflow...
Bento4 缓冲区错误漏洞
Bento4 is an open source C++ library for reading and writing MP4 files. A security vulnerability exists in Bento4 that stems from an affected AP4DataBuffer::SetDataSize function in the component Avcinfo, which could lead to a heap-based buffer overflow...
Bento4 Null Pointer Dereference Vulnerability (CNVD-2019-28473)
Bento4 is a C++ class library and tool for reading and writing ISO-MP4 files. A null pointer dereference vulnerability exists in Bento4 1.5.1-627, which stems from AP4DataBuffer::SetDataSize failing to handle a reallocation failure, resulting in memory being copied to a NULL pointer, which can be...
CVE-2019-13959
In Bento4 1.5.1-627, AP4DataBuffer::SetDataSize does not handle reallocation failures, leading to a memory copy into a NULL pointer. This is different from CVE-2018-20186...
CVE-2018-20186
An issue was discovered in Bento4 1.5.1-627. AP4Sample::ReadData in Core/Ap4Sample.cpp allows attackers to trigger an attempted excessive memory allocation, related to AP4DataBuffer::SetDataSize and AP4DataBuffer::ReallocateBuffer in Core/Ap4DataBuffer.cpp...