Lucene search
Veracode Vulnerability DatabaseVERACODE:31932HistorySep 02, 2021 - 6:40 p.m.
Denial Of Service (DoS)
2021-09-0218:40:21
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
5
0.003 Low
EPSS
Percentile
70.0%
gpac:sid is vulnerable to denial of service. Multiple exploitable integer overflow vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input at “stss” decoder can cause an integer overflow due to unchecked arithmetic resulting in a heap-based buffer overflow that causes memory corruption. An attacker can convince a user to open a video to trigger this vulnerability.
| CPE | Name | Operator | Version |
|---|---|---|---|
| gpac:sid | eq | 1.0.1+dfsg1-3 | |
| ccextractor:sid | eq | 0.88+ds1-1 | |
| gpac:sid | eq | 1.0.1+dfsg1-3 | |
| ccextractor:sid | eq | 0.88+ds1-1 |
Related
cnvd
cnvd
nvd
nvd
CVE-2021-21852
2021-08-18 13:15:07
debiancve
debiancve
CVE-2021-21852
2021-08-18 13:15:07
cve
cve
CVE-2021-21852
2021-08-18 13:15:07
prion
prion
Integer overflow
2021-08-18 13:15:00
cvelist
cvelist
CVE-2021-21852
2021-08-18 00:00:00
ubuntucve
ubuntucve
CVE-2021-21852
2021-08-18 00:00:00
osv
osv
CVE-2021-21852
2021-08-18 13:15:07
gpac - security update
2023-05-26 00:00:00
talos
talos
debian
debian
[SECURITY] [DSA 5411-1] gpac security update
2023-05-26 14:00:08
nessus
nessus
Debian DSA-5411-1 : gpac - security update
2023-05-27 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-5411-1)
2023-05-29 00:00:00