Axiosys: >> Bento4 >> 1.6.0-639 Security Vulnerabilities
An issue was discovered in Bento4 through 1.6.0-639. A buffer over-read exists in the function AP4_StdcFileByteStream::WritePartial located in System/StdC/Ap4StdCFileByteStream.cpp, called from AP4_ByteStream::Write and AP4_HdlrAtom::WriteFields.
CVSS Score
6.5
EPSS Score
0.004
Published
2022-09-15
An issue was discovered in Bento4 through 1.6.0-639. A NULL pointer dereference occurs in AP4_DescriptorListWriter::Action in Core/Ap4Descriptor.h, called from AP4_EsDescriptor::WriteFields and AP4_Expandable::Write.
CVSS Score
6.5
EPSS Score
0.004
Published
2022-09-15
Buffer overflow vulnerability in function AP4_MemoryByteStream::WritePartial in mp42aac in Bento4 v1.6.0-639, allows attackers to cause a denial of service via a crafted file.
CVSS Score
6.5
EPSS Score
0.003
Published
2022-09-14
An memory leak issue was discovered in AP4_StdcFileByteStream::Create in mp42ts in Bento4 v1.6.0-639, allows attackers to cause a denial of service via a crafted file.
CVSS Score
6.5
EPSS Score
0.004
Published
2022-09-14
An issue in AP4_SgpdAtom::AP4_SgpdAtom() of Bento4-1.6.0-639 allows attackers to cause a Denial of Service (DoS) via a crafted mp4 input.
CVSS Score
5.5
EPSS Score
0.0
Published
2022-08-18
Bento4 1.6.0-639 has a heap-based buffer over-read in the AP4_HvccAtom class, a different issue than CVE-2018-14531.
CVSS Score
8.1
EPSS Score
0.005
Published
2022-03-21
Page 6