Bento4 Security Vulnerabilities and Issues — Bento4 CVE List

Lucene search

AxiosysBento4

10 matches found

cve•added 2025/02/19 11:15 p.m.•54 views

CVE-2025-25943

Buffer Overflow vulnerability in Bento4 v.1.6.0-641 allows a local attacker to execute arbitrary code via the AP4_Stz2Atom::AP4_Stz2Atom component located in Ap4Stz2Atom.cpp.

7.8CVSS7.3AI score0.00049EPSS

cve•added 2025/02/19 11:15 p.m.•52 views

CVE-2025-25946

An issue in Bento4 v1.6.0-641 allows an attacker to cause a memory leak via Ap4Marlin.cpp and Ap4Processor.cpp, specifically in AP4_MarlinIpmpEncryptingProcessor::Initialize and AP4_Processor::Process, during the execution of mp4encrypt with a specially crafted MP4 input file.

5.5CVSS6.6AI score0.00018EPSS

cve•added 2025/02/19 11:15 p.m.•50 views

CVE-2025-25942

An issue in Bento4 v1.6.0-641 allows an attacker to obtain sensitive information via the the mp4fragment tool when processing invalid files. Specifically, memory allocated in SampleArray::SampleArray in Mp4Fragment.cpp is not properly released.

6.5CVSS6.1AI score0.00046EPSS

cve•added 2025/02/19 11:15 p.m.•50 views

CVE-2025-25947

An issue in Bento4 v1.6.0-641 allows an attacker to trigger a segmentation fault via Ap4Atom.cpp, specifically in AP4_AtomParent::RemoveChild, during the execution of mp4encrypt with a specially crafted MP4 input file.

5.5CVSS6.6AI score0.00018EPSS

cve•added 2025/02/19 11:15 p.m.•49 views

CVE-2025-25945

An issue in Bento4 v1.6.0-641 allows an attacker to obtain sensitive information via the the Mp4Fragment.cpp and in AP4_DescriptorFactory::CreateDescriptorFromStream at Ap4DescriptorFactory.cpp.

6.5CVSS6.1AI score0.00046EPSS

cve•added 2025/02/19 11:15 p.m.•48 views

CVE-2025-25944

Buffer Overflow vulnerability in Bento4 v.1.6.0-641 allows a local attacker to execute arbitrary code via the Ap4RtpAtom.cpp, specifically in AP4_RtpAtom::AP4_RtpAtom, during the execution of mp4fragment with a crafted MP4 input file.

7.3CVSS7.3AI score0.00037EPSS

cve•added 2025/02/05 10:15 p.m.•45 views

CVE-2024-57598

A floating point exception (divide-by-zero) vulnerability was discovered in Bento4 1.6.0-641 in function AP4_TfraAtom() of Ap4TfraAtom.cpp which allows a remote attacker to cause a denial of service vulnerability.

6.5CVSS6.6AI score0.00177EPSS

cve•added 2025/01/27 8:15 p.m.•44 views

CVE-2025-0751

A vulnerability classified as critical has been found in Axiomatic Bento4 up to 1.6.0. This affects the function AP4_BitReader::ReadBits of the component mp42aac. The manipulation leads to heap-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to ...

7.5CVSS7.2AI score0.00056EPSS

cve•added 2025/01/30 1:15 p.m.•42 views

CVE-2025-0870

A vulnerability was found in Axiomatic Bento4 up to 1.6.0-641. It has been rated as critical. Affected by this issue is the function AP4_DataBuffer::GetData in the library Ap4DataBuffer.h. The manipulation leads to heap-based buffer overflow. The attack may be launched remotely. The complexity of a...

6.3CVSS5.6AI score0.00072EPSS

cve•added 2025/01/27 9:15 p.m.•39 views

CVE-2025-0753

A vulnerability classified as critical was found in Axiomatic Bento4 up to 1.6.0. This vulnerability affects the function AP4_StdcFileByteStream::ReadPartial of the component mp42aac. The manipulation leads to heap-based buffer overflow. The attack can be initiated remotely. The exploit has been di...

7.5CVSS7.2AI score0.00056EPSS