Shodan
Vulnerabilities
Vulnerable Software
Axiosys:  >> Bento4  >> 1.5.1.0  Security Vulnerabilities
CVE-2019-20090
An issue was discovered in Bento4 1.5.1.0. There is a use-after-free in AP4_Sample::GetOffset in Core/Ap4Sample.h when called from Ap4LinearReader.cpp.
CVSS Score
7.8
EPSS Score
0.003
Published
2019-12-30
CVE-2019-20091
An issue was discovered in Bento4 1.5.1.0. There is a NULL pointer dereference in AP4_Descriptor::GetTag in mp42ts when called from AP4_DecoderConfigDescriptor::GetDecoderSpecificInfoDescriptor in Ap4DecoderConfigDescriptor.cpp.
CVSS Score
5.5
EPSS Score
0.003
Published
2019-12-30
CVE-2019-20092
An issue was discovered in Bento4 1.5.1.0. There is a NULL pointer dereference in AP4_Descriptor::GetTag in mp42ts when called from AP4_EsDescriptor::GetDecoderConfigDescriptor in Ap4EsDescriptor.cpp.
CVSS Score
5.5
EPSS Score
0.003
Published
2019-12-30
CVE-2019-17528
An issue was discovered in Bento4 1.5.1.0. There is a SEGV in the function AP4_TfhdAtom::SetDefaultSampleSize at Core/Ap4TfhdAtom.h when called from AP4_Processor::ProcessFragments in Core/Ap4Processor.cpp.
CVSS Score
7.5
EPSS Score
0.004
Published
2019-10-12
CVE-2019-17529
An issue was discovered in Bento4 1.5.1.0. There is a heap-based buffer over-read in AP4_CencSampleEncryption::DoInspectFields in Core/Ap4CommonEncryption.cpp when called from AP4_Atom::Inspect in Core/Ap4Atom.cpp.
CVSS Score
7.8
EPSS Score
0.002
Published
2019-10-12
CVE-2019-17530
An issue was discovered in Bento4 1.5.1.0. There is a heap-based buffer over-read in AP4_PrintInspector::AddField in Core/Ap4Atom.cpp when called from AP4_CencSampleEncryption::DoInspectFields in Core/Ap4CommonEncryption.cpp, when called from AP4_Atom::Inspect in Core/Ap4Atom.cpp.
CVSS Score
7.8
EPSS Score
0.002
Published
2019-10-12
CVE-2019-17452
Bento4 1.5.1.0 has a NULL pointer dereference in AP4_DescriptorListInspector::Action in Core/Ap4Descriptor.h, related to AP4_IodsAtom::InspectFields in Core/Ap4IodsAtom.cpp, as demonstrated by mp4dump.
CVSS Score
6.5
EPSS Score
0.003
Published
2019-10-10
CVE-2019-17453
Bento4 1.5.1.0 has a NULL pointer dereference in AP4_DescriptorListWriter::Action in Core/Ap4Descriptor.h, related to AP4_IodsAtom::WriteFields in Core/Ap4IodsAtom.cpp, as demonstrated by mp4encrypt or mp4compact.
CVSS Score
6.5
EPSS Score
0.003
Published
2019-10-10
CVE-2019-17454
Bento4 1.5.1.0 has a NULL pointer dereference in AP4_Descriptor::GetTag in Core/Ap4Descriptor.h, related to AP4_StsdAtom::GetSampleDescription in Core/Ap4StsdAtom.cpp, as demonstrated by mp4info.
CVSS Score
6.5
EPSS Score
0.003
Published
2019-10-10
CVE-2019-15047
An issue was discovered in Bento4 1.5.1.0. There is a heap-based buffer over-read in the function AP4_BitReader::SkipBits at Core/Ap4Utils.cpp.
CVSS Score
8.8
EPSS Score
0.004
Published
2019-08-14


Products
Pricing
Contact Us

Shodan ® - All rights reserved