Lucene search
+L

18 matches found

Cvelist
Cvelist
added 2026/06/26 12:0 a.m.21 views

CVE-2026-36907

A stack overflow in the AP4StsdAtom::AP4StsdAtom component of axiomatic-systems Bento4 before v1.8.9allows attackers to cause a Denial of Service DoS via a crafted MP4 file...

0.00125EPSS
Exploits0References2
CVE
CVE
added 2026/06/26 12:0 a.m.11 views

CVE-2026-36907

Summary: CVE-2026-36907 is a stack overflow in the Bento4 toolkit (Apollo AXIOMATIC Bento4) within the AP4_StsdAtom component. Affected version(s): Bento4 before v1.8.9. Impact: Denial of Service (DoS) via a crafted MP4 file. Root cause: Stack overflow in AP4_StsdAtom when parsing MP4 metadata. R...

5.5CVSS5.8AI score0.00125EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/26 12:0 a.m.5 views

CVE-2026-36907

A stack overflow in the AP4StsdAtom::AP4StsdAtom component of axiomatic-systems Bento4 before v1.8.9allows attackers to cause a Denial of Service DoS via a crafted MP4 file...

5.5CVSS5.8AI score0.00125EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/26 12:0 a.m.10 views

PT-2026-52975

Name of the Vulnerable Software and Affected Versions Bento4 versions prior to 1.8.9 Description A stack overflow occurs in the AP4 StsdAtom::AP4 StsdAtom component, which can be triggered by a specially crafted MP4 file, leading to a Denial of Service DoS. Recommendations Update to version 1.8.9...

5.5CVSS5.8AI score0.00125EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/09/10 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2022-3663

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in Axiomatic Bento4. It has been rated as problematic. This issue affects the function AP4StsdAtom of the file Ap4StsdAtom.cpp of the...

5.5CVSS5.3AI score0.00653EPSS
Exploits1References2
SUSE CVE
SUSE CVE
added 2023/02/15 6:6 a.m.2 views

SUSE CVE-2008-5242

demuxqt.c in xine-lib 1.1.12, and other 1.1.15 and earlier versions, does not validate the count field before calling calloc for STSDATOM atom allocation, which allows remote attackers to cause a denial of service crash or possibly execute arbitrary code via a crafted media file...

6.8CVSS7.9AI score0.03138EPSS
Exploits0References4
OSV
OSV
added 2022/10/26 7:15 p.m.4 views

UBUNTU-CVE-2022-3663

A vulnerability was found in Axiomatic Bento4. It has been rated as problematic. This issue affects the function AP4StsdAtom of the file Ap4StsdAtom.cpp of the component MP4fragment. The manipulation leads to null pointer dereference. The attack may be initiated remotely. The exploit has been...

5.5CVSS4.8AI score0.00653EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2022/10/26 12:0 a.m.3 views

PT-2022-23516 · Axiomatic · Bento4

Name of the Vulnerable Software and Affected Versions: Axiomatic Bento4 affected versions not specified Description: A problematic issue affects the AP4 StsdAtom function of the Ap4StsdAtom.cpp file in the MP4fragment component, leading to a null pointer dereference. The attack can be initiated...

5.5CVSS5.2AI score0.00653EPSS
Exploits1References8
OSV
OSV
added 2019/10/10 5:15 p.m.6 views

CVE-2019-17454

Bento4 1.5.1.0 has a NULL pointer dereference in AP4Descriptor::GetTag in Core/Ap4Descriptor.h, related to AP4StsdAtom::GetSampleDescription in Core/Ap4StsdAtom.cpp, as demonstrated by mp4info...

6.5CVSS6.6AI score0.01156EPSS
Exploits1References1
OSV
OSV
added 2019/10/10 5:15 p.m.3 views

UBUNTU-CVE-2019-17454

Bento4 1.5.1.0 has a NULL pointer dereference in AP4Descriptor::GetTag in Core/Ap4Descriptor.h, related to AP4StsdAtom::GetSampleDescription in Core/Ap4StsdAtom.cpp, as demonstrated by mp4info...

6.5CVSS6.6AI score0.01156EPSS
Exploits1References3
Check Point Advisories
Check Point Advisories
added 2015/03/26 12:0 a.m.27 views

Apple Quicktime MJPEG Frame stsd Atom Heap Overflow - Ver2 (CVE-2013-1020)

A buffer overflow vulnerability has been reported in Apple Quicktime. The vulnerability is due to improper processing of mjpeg movies with an improper jpeg frame size in the stsd atom. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the...

9.3CVSS7.5AI score0.03335EPSS
Exploits0
Check Point Advisories
Check Point Advisories
added 2014/03/31 12:0 a.m.30 views

Apple QuickTime STSD JPEG Atom Heap Corruption - Ver2 (CVE-2009-0007)

Apple's QuickTime is a multimedia player that supports a wide range of media formats. The software supports parsing and displaying picture files as well as numerous audio/video formats. There exists a heap buffer memory corruption vulnerability in Apple QuickTime. The vulnerability is due to lack...

9.3CVSS7.6AI score0.0772EPSS
Exploits0
Check Point Advisories
Check Point Advisories
added 2013/10/13 12:0 a.m.30 views

Apple QuickTime MJPEG Frame stsd Atom Heap Overflow (CVE-2013-1020)

A heap overflow vulnerability exists in Apple QuickTime...

6.5AI score0.03335EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
added 2013/06/11 12:0 a.m.30 views

Apple QuickTime MJPEG Frame stsd Atom Heap Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within processing a mjp...

7.5CVSS3.2AI score0.03335EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2013/06/11 12:0 a.m.41 views

Apple QuickTime stsd Atom Parsing Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

7.5CVSS4.1AI score0.04014EPSS
Exploits0References1
Saint
Saint
added 2009/06/03 12:0 a.m.20 views

Microsoft DirectX DirectShow QuickTime movie parsing vulnerability

Added: 06/03/2009 CVE: CVE-2009-1537 BID: 35139 OSVDB: 54797 Background DirectX is a feature of the Windows operating system used for streaming media. Within DirectX, the DirectShow technology performs client-side audio and video sourcing, manipulation and rendering. Problem A command execution...

9.3CVSS6.3AI score0.51207EPSS
Exploits7
Saint
Saint
added 2009/06/03 12:0 a.m.48 views

Microsoft DirectX DirectShow QuickTime movie parsing vulnerability

Added: 06/03/2009 CVE: CVE-2009-1537 BID: 35139 OSVDB: 54797 Background DirectX is a feature of the Windows operating system used for streaming media. Within DirectX, the DirectShow technology performs client-side audio and video sourcing, manipulation and rendering. Problem A command execution...

9.3CVSS6.3AI score0.51207EPSS
Exploits7
NVD
NVD
added 2007/05/14 9:19 p.m.20 views

CVE-2007-0754

Heap-based buffer overflow in Apple QuickTime before 7.1.3 allows user-assisted remote attackers to execute arbitrary code via a crafted Sample Table Sample Descriptor STSD atom size in a QuickTime movie...

9.3CVSS7.6AI score0.0503EPSS
Exploits0References7
Rows per page
Query Builder