Lucene search
Veracode Vulnerability DatabaseVERACODE:31924HistorySep 02, 2021 - 6:31 p.m.
Denial Of Service (DoS)
2021-09-0218:31:50
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
4
0.002 Low
EPSS
Percentile
55.6%
gpac:bullseye is vulnerable to denial of service. An exploitable integer truncation vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. When processing the ‘hdlr’ FOURCC code, a specially crafted MPEG-4 input can cause an improper memory allocation resulting in a heap-based buffer overflow that causes memory corruption. An attacker can convince a user to open a video to trigger this vulnerability.
| CPE | Name | Operator | Version |
|---|---|---|---|
| gpac:bullseye | eq | 0.7.1+dfsg1-4 | |
| gpac:sid | eq | 1.0.1+dfsg1-3 | |
| gpac:bullseye | eq | 0.7.1+dfsg1-4 | |
| gpac:sid | eq | 1.0.1+dfsg1-3 |
Related
prion
prion
Heap overflow
2021-08-16 20:15:00
osv
osv
CVE-2021-21861
2021-08-16 20:15:48
gpac - security update
2021-08-31 00:00:00
ubuntucve
ubuntucve
CVE-2021-21861
2021-08-16 00:00:00
cnvd
cnvd
GPAC can exploit integer truncation vulnerability
2021-08-18 00:00:00
cvelist
cvelist
CVE-2021-21861
2021-08-16 19:07:46
debiancve
debiancve
CVE-2021-21861
2021-08-16 20:15:48
cve
cve
CVE-2021-21861
2021-08-16 20:15:48
nvd
nvd
CVE-2021-21861
2021-08-16 20:15:48
talos
talos
openvas
openvas
Mageia: Security Advisory (MGASA-2021-0431)
2022-01-28 00:00:00
Debian: Security Advisory (DSA-4966-1)
2021-09-02 00:00:00
debian
debian
[SECURITY] [DSA 4966-1] gpac security update
2021-08-31 21:07:40
mageia
mageia
Updated gpac packages fix security vulnerability
2021-09-23 07:49:29
nessus
nessus
Debian DSA-4966-1 : gpac - security update
2021-09-01 00:00:00