Vulnerabilities
Vulnerable Software
Gopro:  >> Gpmf-Parser  >> 1.2.3  Security Vulnerabilities
GoPro gpmf-parser through 1.5 has a stack out-of-bounds write vulnerability in GPMF_ExpandComplexTYPE(). Parsing malicious input can result in a crash or potentially arbitrary code execution.
CVSS Score
8.8
EPSS Score
0.009
Published
2020-10-19
GoPro GPMF-parser 1.2.3 has a heap-based buffer over-read in GPMF_Next in GPMF_parser.c.
CVSS Score
8.8
EPSS Score
0.004
Published
2019-12-30
GoPro GPMF-parser 1.2.3 has a heap-based buffer over-read in GPMF_seekToSamples in GPMF-parse.c for the "matching tags" feature.
CVSS Score
8.8
EPSS Score
0.004
Published
2019-12-30
GoPro GPMF-parser 1.2.3 has a heap-based buffer over-read in GetPayload in GPMF_mp4reader.c.
CVSS Score
7.8
EPSS Score
0.003
Published
2019-12-30
GoPro GPMF-parser 1.2.3 has an heap-based buffer over-read in GPMF_SeekToSamples in GPMF_parse.c for the size calculation.
CVSS Score
7.8
EPSS Score
0.003
Published
2019-12-30


Contact Us

Shodan ® - All rights reserved