Lucene search

K

26 matches found

CVE
CVE
added 2019/10/12 8:15 p.m.143 views

CVE-2019-17529

An issue was discovered in Bento4 1.5.1.0. There is a heap-based buffer over-read in AP4_CencSampleEncryption::DoInspectFields in Core/Ap4CommonEncryption.cpp when called from AP4_Atom::Inspect in Core/Ap4Atom.cpp.

7.8CVSS7.6AI score0.00165EPSS
CVE
CVE
added 2019/10/12 8:15 p.m.138 views

CVE-2019-17530

An issue was discovered in Bento4 1.5.1.0. There is a heap-based buffer over-read in AP4_PrintInspector::AddField in Core/Ap4Atom.cpp when called from AP4_CencSampleEncryption::DoInspectFields in Core/Ap4CommonEncryption.cpp, when called from AP4_Atom::Inspect in Core/Ap4Atom.cpp.

7.8CVSS7.6AI score0.00165EPSS
CVE
CVE
added 2019/10/12 8:15 p.m.133 views

CVE-2019-17528

An issue was discovered in Bento4 1.5.1.0. There is a SEGV in the function AP4_TfhdAtom::SetDefaultSampleSize at Core/Ap4TfhdAtom.h when called from AP4_Processor::ProcessFragments in Core/Ap4Processor.cpp.

7.5CVSS7.5AI score0.00403EPSS
CVE
CVE
added 2019/12/30 4:15 a.m.93 views

CVE-2019-20090

An issue was discovered in Bento4 1.5.1.0. There is a use-after-free in AP4_Sample::GetOffset in Core/Ap4Sample.h when called from Ap4LinearReader.cpp.

7.8CVSS7.6AI score0.00254EPSS
CVE
CVE
added 2019/12/30 4:15 a.m.90 views

CVE-2019-20091

An issue was discovered in Bento4 1.5.1.0. There is a NULL pointer dereference in AP4_Descriptor::GetTag in mp42ts when called from AP4_DecoderConfigDescriptor::GetDecoderSpecificInfoDescriptor in Ap4DecoderConfigDescriptor.cpp.

5.5CVSS5.5AI score0.00266EPSS
CVE
CVE
added 2019/12/30 4:15 a.m.90 views

CVE-2019-20092

An issue was discovered in Bento4 1.5.1.0. There is a NULL pointer dereference in AP4_Descriptor::GetTag in mp42ts when called from AP4_EsDescriptor::GetDecoderConfigDescriptor in Ap4EsDescriptor.cpp.

5.5CVSS5.5AI score0.00266EPSS
CVE
CVE
added 2019/10/10 5:15 p.m.62 views

CVE-2019-17452

Bento4 1.5.1.0 has a NULL pointer dereference in AP4_DescriptorListInspector::Action in Core/Ap4Descriptor.h, related to AP4_IodsAtom::InspectFields in Core/Ap4IodsAtom.cpp, as demonstrated by mp4dump.

6.5CVSS6.4AI score0.00285EPSS
CVE
CVE
added 2019/07/18 7:15 p.m.60 views

CVE-2019-13959

In Bento4 1.5.1-627, AP4_DataBuffer::SetDataSize does not handle reallocation failures, leading to a memory copy into a NULL pointer. This is different from CVE-2018-20186.

6.5CVSS6.2AI score0.00312EPSS
CVE
CVE
added 2019/10/10 5:15 p.m.41 views

CVE-2019-17454

Bento4 1.5.1.0 has a NULL pointer dereference in AP4_Descriptor::GetTag in Core/Ap4Descriptor.h, related to AP4_StsdAtom::GetSampleDescription in Core/Ap4StsdAtom.cpp, as demonstrated by mp4info.

6.5CVSS6.4AI score0.00285EPSS
CVE
CVE
added 2019/07/04 2:15 p.m.38 views

CVE-2019-13238

An issue was discovered in Bento4 1.5.1.0. A memory allocation failure is unhandled in Core/Ap4SdpAtom.cpp and leads to crashes. When parsing input video, the program allocates a new buffer to parse an atom in the stream. The unhandled memory allocation failure causes a direct copy to a NULL pointe...

7.5CVSS6.5AI score0.0087EPSS
CVE
CVE
added 2019/10/10 5:15 p.m.35 views

CVE-2019-17453

Bento4 1.5.1.0 has a NULL pointer dereference in AP4_DescriptorListWriter::Action in Core/Ap4Descriptor.h, related to AP4_IodsAtom::WriteFields in Core/Ap4IodsAtom.cpp, as demonstrated by mp4encrypt or mp4compact.

6.5CVSS6.4AI score0.00285EPSS
CVE
CVE
added 2019/01/11 5:29 a.m.35 views

CVE-2019-6132

An issue was discovered in Bento4 v1.5.1-627. There is a memory leak in AP4_DescriptorFactory::CreateDescriptorFromStream in Core/Ap4DescriptorFactory.cpp when called from the AP4_EsdsAtom class in Core/Ap4EsdsAtom.cpp, as demonstrated by mp42aac.

7.5CVSS7.4AI score0.00468EPSS
CVE
CVE
added 2019/01/25 11:29 p.m.34 views

CVE-2019-6966

An issue was discovered in Bento4 1.5.1-628. The AP4_ElstAtom class in Core/Ap4ElstAtom.cpp has an attempted excessive memory allocation related to AP4_Array<AP4_ElstEntry>::EnsureCapacity in Core/Ap4Array.h, as demonstrated by mp42hls.

6.5CVSS6.3AI score0.00308EPSS
CVE
CVE
added 2019/02/10 10:29 p.m.34 views

CVE-2019-7698

An issue was discovered in AP4_Array<AP4_CttsTableEntry>::EnsureCapacity in Core/Ap4Array.h in Bento4 1.5.1-627. Crafted MP4 input triggers an attempt at excessive memory allocation, as demonstrated by mp42hls, a related issue to CVE-2018-20095.

6.5CVSS6.3AI score0.00308EPSS
CVE
CVE
added 2019/02/17 2:29 a.m.34 views

CVE-2019-8378

An issue was discovered in Bento4 1.5.1-628. A heap-based buffer over-read exists in AP4_BitStream::ReadBytes() in Codecs/Ap4BitStream.cpp, a similar issue to CVE-2017-14645. It can be triggered by sending a crafted file to the aac2mp4 binary. It allows an attacker to cause a Denial of Service (Seg...

8.8CVSS7.2AI score0.00402EPSS
CVE
CVE
added 2019/08/14 4:15 p.m.33 views

CVE-2019-15047

An issue was discovered in Bento4 1.5.1.0. There is a heap-based buffer over-read in the function AP4_BitReader::SkipBits at Core/Ap4Utils.cpp.

8.8CVSS8.7AI score0.00397EPSS
CVE
CVE
added 2019/02/17 2:29 a.m.33 views

CVE-2019-8380

An issue was discovered in Bento4 1.5.1-628. A NULL pointer dereference occurs in AP4_Track::GetSampleIndexForTimeStampMs() located in Core/Ap4Track.cpp. It can triggered by sending a crafted file to the mp4audioclip binary. It allows an attacker to cause a Denial of Service (Segmentation fault) or...

8.8CVSS8.9AI score0.00345EPSS
CVE
CVE
added 2019/08/14 4:15 p.m.32 views

CVE-2019-15049

An issue was discovered in Bento4 1.5.1.0. There is a heap-based buffer over-read in the AP4_Dec3Atom class at Core/Ap4Dec3Atom.cpp.

8.8CVSS8.7AI score0.00418EPSS
CVE
CVE
added 2019/02/10 10:29 p.m.32 views

CVE-2019-7699

A heap-based buffer over-read occurs in AP4_BitStream::WriteBytes in Codecs/Ap4BitStream.cpp in Bento4 v1.5.1-627. Remote attackers could leverage this vulnerability to cause an exception via crafted mp4 input, which leads to a denial of service.

6.5CVSS6.4AI score0.00388EPSS
CVE
CVE
added 2019/08/14 4:15 p.m.31 views

CVE-2019-15048

An issue was discovered in Bento4 1.5.1.0. There is a heap-based buffer overflow in the AP4_RtpAtom class at Core/Ap4RtpAtom.cpp.

8.8CVSS8.8AI score0.00414EPSS
CVE
CVE
added 2019/08/14 4:15 p.m.31 views

CVE-2019-15050

An issue was discovered in Bento4 1.5.1.0. There is a heap-based buffer over-read in the AP4_AvccAtom class at Core/Ap4AvccAtom.cpp.

8.8CVSS8.7AI score0.00418EPSS
CVE
CVE
added 2019/09/16 1:15 p.m.30 views

CVE-2019-16349

Bento4 1.5.1-628 has a NULL pointer dereference in AP4_ByteStream::ReadUI32 in Core/Ap4ByteStream.cpp when called from the AP4_TrunAtom class.

5.5CVSS5.4AI score0.00178EPSS
CVE
CVE
added 2019/02/17 2:29 a.m.30 views

CVE-2019-8382

An issue was discovered in Bento4 1.5.1-628. A NULL pointer dereference occurs in the function AP4_List:Find located in Core/Ap4List.h when called from Core/Ap4Movie.cpp. It can be triggered by sending a crafted file to the mp4dump binary. It allows an attacker to cause a Denial of Service (Segment...

8.8CVSS8.9AI score0.00345EPSS
CVE
CVE
added 2019/03/01 7:29 p.m.29 views

CVE-2019-9544

An issue was discovered in Bento4 1.5.1-628. An out of bounds write occurs in AP4_CttsTableEntry::AP4_CttsTableEntry() located in Core/Ap4Array.h. It can be triggered by sending a crafted file to (for example) the mp42hls binary. It allows an attacker to cause Denial of Service (Segmentation fault)...

8.8CVSS9.1AI score0.00402EPSS
CVE
CVE
added 2019/01/02 5:29 p.m.28 views

CVE-2018-20659

An issue was discovered in Bento4 1.5.1-627. The AP4_StcoAtom class in Core/Ap4StcoAtom.cpp has an attempted excessive memory allocation when called from AP4_AtomFactory::CreateAtomFromStream in Core/Ap4AtomFactory.cpp, as demonstrated by mp42hls.

6.5CVSS6.4AI score0.00433EPSS
CVE
CVE
added 2019/02/10 10:29 p.m.27 views

CVE-2019-7697

An issue was discovered in Bento4 v1.5.1-627. There is an assertion failure in AP4_AtomListWriter::Action in Core/Ap4Atom.cpp, leading to a denial of service (program crash), as demonstrated by mp42hls.

6.5CVSS6.3AI score0.00308EPSS