18 matches found
CVE-2026-36907
A stack overflow in the AP4StsdAtom::AP4StsdAtom component of axiomatic-systems Bento4 before v1.8.9allows attackers to cause a Denial of Service DoS via a crafted MP4 file...
CVE-2026-36907
Summary: CVE-2026-36907 is a stack overflow in the Bento4 toolkit (Apollo AXIOMATIC Bento4) within the AP4_StsdAtom component. Affected version(s): Bento4 before v1.8.9. Impact: Denial of Service (DoS) via a crafted MP4 file. Root cause: Stack overflow in AP4_StsdAtom when parsing MP4 metadata. R...
CVE-2026-36907
A stack overflow in the AP4StsdAtom::AP4StsdAtom component of axiomatic-systems Bento4 before v1.8.9allows attackers to cause a Denial of Service DoS via a crafted MP4 file...
PT-2026-52975
Name of the Vulnerable Software and Affected Versions Bento4 versions prior to 1.8.9 Description A stack overflow occurs in the AP4 StsdAtom::AP4 StsdAtom component, which can be triggered by a specially crafted MP4 file, leading to a Denial of Service DoS. Recommendations Update to version 1.8.9...
Linux Distros Unpatched Vulnerability : CVE-2022-3663
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in Axiomatic Bento4. It has been rated as problematic. This issue affects the function AP4StsdAtom of the file Ap4StsdAtom.cpp of the...
SUSE CVE-2008-5242
demuxqt.c in xine-lib 1.1.12, and other 1.1.15 and earlier versions, does not validate the count field before calling calloc for STSDATOM atom allocation, which allows remote attackers to cause a denial of service crash or possibly execute arbitrary code via a crafted media file...
UBUNTU-CVE-2022-3663
A vulnerability was found in Axiomatic Bento4. It has been rated as problematic. This issue affects the function AP4StsdAtom of the file Ap4StsdAtom.cpp of the component MP4fragment. The manipulation leads to null pointer dereference. The attack may be initiated remotely. The exploit has been...
PT-2022-23516 · Axiomatic · Bento4
Name of the Vulnerable Software and Affected Versions: Axiomatic Bento4 affected versions not specified Description: A problematic issue affects the AP4 StsdAtom function of the Ap4StsdAtom.cpp file in the MP4fragment component, leading to a null pointer dereference. The attack can be initiated...
CVE-2019-17454
Bento4 1.5.1.0 has a NULL pointer dereference in AP4Descriptor::GetTag in Core/Ap4Descriptor.h, related to AP4StsdAtom::GetSampleDescription in Core/Ap4StsdAtom.cpp, as demonstrated by mp4info...
UBUNTU-CVE-2019-17454
Bento4 1.5.1.0 has a NULL pointer dereference in AP4Descriptor::GetTag in Core/Ap4Descriptor.h, related to AP4StsdAtom::GetSampleDescription in Core/Ap4StsdAtom.cpp, as demonstrated by mp4info...
Apple Quicktime MJPEG Frame stsd Atom Heap Overflow - Ver2 (CVE-2013-1020)
A buffer overflow vulnerability has been reported in Apple Quicktime. The vulnerability is due to improper processing of mjpeg movies with an improper jpeg frame size in the stsd atom. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the...
Apple QuickTime STSD JPEG Atom Heap Corruption - Ver2 (CVE-2009-0007)
Apple's QuickTime is a multimedia player that supports a wide range of media formats. The software supports parsing and displaying picture files as well as numerous audio/video formats. There exists a heap buffer memory corruption vulnerability in Apple QuickTime. The vulnerability is due to lack...
Apple QuickTime MJPEG Frame stsd Atom Heap Overflow (CVE-2013-1020)
A heap overflow vulnerability exists in Apple QuickTime...
Apple QuickTime MJPEG Frame stsd Atom Heap Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within processing a mjp...
Apple QuickTime stsd Atom Parsing Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...
Microsoft DirectX DirectShow QuickTime movie parsing vulnerability
Added: 06/03/2009 CVE: CVE-2009-1537 BID: 35139 OSVDB: 54797 Background DirectX is a feature of the Windows operating system used for streaming media. Within DirectX, the DirectShow technology performs client-side audio and video sourcing, manipulation and rendering. Problem A command execution...
Microsoft DirectX DirectShow QuickTime movie parsing vulnerability
Added: 06/03/2009 CVE: CVE-2009-1537 BID: 35139 OSVDB: 54797 Background DirectX is a feature of the Windows operating system used for streaming media. Within DirectX, the DirectShow technology performs client-side audio and video sourcing, manipulation and rendering. Problem A command execution...
CVE-2007-0754
Heap-based buffer overflow in Apple QuickTime before 7.1.3 allows user-assisted remote attackers to execute arbitrary code via a crafted Sample Table Sample Descriptor STSD atom size in a QuickTime movie...