libgpac.so is vulnerable to denial of service. The vulnerability exists through the heap-buffer-overflow in the schm_box_read
function of box_code_drm.c
because the function does not properly check the length of URI
, allowing an attacker to crash the application by providing a maliciously crafted file to the MP4Box command.
CPE | Name | Operator | Version |
---|---|---|---|
libgpac.so | le | 10.1.0 | |
gpac:sid | eq | 1.0.1+dfsg1-3 | |
gpac:bookworm | eq | 1.0.1+dfsg1-5 | |
libgpac.so | le | 10.1.0 | |
gpac:sid | eq | 1.0.1+dfsg1-3 | |
gpac:bookworm | eq | 1.0.1+dfsg1-5 |