Bento4

Bento4

29 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.5

CVE-2025-25947

Exploit
  • EPSS 0.03%
  • Veröffentlicht 19.02.2025 23:15:15
  • Zuletzt bearbeitet 13.05.2025 14:02:23

An issue in Bento4 v1.6.0-641 allows an attacker to trigger a segmentation fault via Ap4Atom.cpp, specifically in AP4_AtomParent::RemoveChild, during the execution of mp4encrypt with a specially crafted MP4 input file.

5.5

CVE-2025-25946

Exploit
  • EPSS 0.03%
  • Veröffentlicht 19.02.2025 23:15:15
  • Zuletzt bearbeitet 09.06.2025 16:49:57

An issue in Bento4 v1.6.0-641 allows an attacker to cause a memory leak via Ap4Marlin.cpp and Ap4Processor.cpp, specifically in AP4_MarlinIpmpEncryptingProcessor::Initialize and AP4_Processor::Process, during the execution of mp4encrypt with a specia...

6.5

CVE-2025-25945

Exploit
  • EPSS 0.13%
  • Veröffentlicht 19.02.2025 23:15:15
  • Zuletzt bearbeitet 13.05.2025 14:02:19

An issue in Bento4 v1.6.0-641 allows an attacker to obtain sensitive information via the the Mp4Fragment.cpp and in AP4_DescriptorFactory::CreateDescriptorFromStream at Ap4DescriptorFactory.cpp.

7.3

CVE-2025-25944

Exploit
  • EPSS 0.07%
  • Veröffentlicht 19.02.2025 23:15:15
  • Zuletzt bearbeitet 13.05.2025 14:02:17

Buffer Overflow vulnerability in Bento4 v.1.6.0-641 allows a local attacker to execute arbitrary code via the Ap4RtpAtom.cpp, specifically in AP4_RtpAtom::AP4_RtpAtom, during the execution of mp4fragment with a crafted MP4 input file.

7.8

CVE-2025-25943

Exploit
  • EPSS 0.1%
  • Veröffentlicht 19.02.2025 23:15:15
  • Zuletzt bearbeitet 13.05.2025 14:02:15

Buffer Overflow vulnerability in Bento4 v.1.6.0-641 allows a local attacker to execute arbitrary code via the AP4_Stz2Atom::AP4_Stz2Atom component located in Ap4Stz2Atom.cpp.

6.5

CVE-2025-25942

Exploit
  • EPSS 0.13%
  • Veröffentlicht 19.02.2025 23:15:15
  • Zuletzt bearbeitet 13.05.2025 14:02:13

An issue in Bento4 v1.6.0-641 allows an attacker to obtain sensitive information via the the mp4fragment tool when processing invalid files. Specifically, memory allocated in SampleArray::SampleArray in Mp4Fragment.cpp is not properly released.

6.5

CVE-2024-57598

Exploit
  • EPSS 0.23%
  • Veröffentlicht 05.02.2025 22:15:33
  • Zuletzt bearbeitet 15.05.2025 21:15:27

A floating point exception (divide-by-zero) vulnerability was discovered in Bento4 1.6.0-641 in function AP4_TfraAtom() of Ap4TfraAtom.cpp which allows a remote attacker to cause a denial of service vulnerability.

6.5

CVE-2024-57513

  • EPSS 0.1%
  • Veröffentlicht 29.01.2025 22:15:30
  • Zuletzt bearbeitet 31.01.2025 20:15:31

A floating-point exception (FPE) vulnerability exists in the AP4_TfraAtom::AP4_TfraAtom function in Bento4.

7.5

CVE-2024-30809

Exploit
  • EPSS 0.08%
  • Veröffentlicht 02.04.2024 18:15:12
  • Zuletzt bearbeitet 27.05.2025 14:00:22

An issue was discovered in Bento4 v1.6.0-641-2-g1529b83. There is a heap-use-after-free in Ap4Sample.h in AP4_Sample::GetOffset() const, leading to a Denial of Service (DoS), as demonstrated by mp42ts.

2.7

CVE-2024-30808

Exploit
  • EPSS 0.04%
  • Veröffentlicht 02.04.2024 18:15:12
  • Zuletzt bearbeitet 27.05.2025 13:59:21

An issue was discovered in Bento4 v1.6.0-641-2-g1529b83. There is a heap-use-after-free in AP4_SubStream::~AP4_SubStream at Ap4ByteStream.cpp, leading to a Denial of Service (DoS), as demonstrated by mp42ts.