Bento4

Bento4

29 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2017-14640

Exploit
  • EPSS 0.52%
  • Veröffentlicht 21.09.2017 17:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

A NULL pointer dereference was discovered in AP4_AtomSampleTable::GetSample in Core/Ap4AtomSampleTable.cpp in Bento4 version 1.5.0-617. The vulnerability causes a segmentation fault and application crash, which leads to remote denial of service.

8.8

CVE-2017-14639

Exploit
  • EPSS 0.87%
  • Veröffentlicht 21.09.2017 17:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

AP4_VisualSampleEntry::ReadFields in Core/Ap4SampleEntry.cpp in Bento4 1.5.0-617 uses incorrect character data types, which causes a stack-based buffer underflow and out-of-bounds write, leading to denial of service (application crash) or possibly un...

6.5

CVE-2017-14638

Exploit
  • EPSS 0.57%
  • Veröffentlicht 21.09.2017 17:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

AP4_AtomFactory::CreateAtomFromStream in Core/Ap4AtomFactory.cpp in Bento4 version 1.5.0-617 has missing NULL checks, leading to a NULL pointer dereference, segmentation fault, and application crash in AP4_Atom::SetType in Core/Ap4Atom.h.

7.8

CVE-2017-14261

Exploit
  • EPSS 0.22%
  • Veröffentlicht 11.09.2017 09:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

In the SDK in Bento4 1.5.0-616, the AP4_StszAtom class in Ap4StszAtom.cpp file contains a Read Memory Access Violation vulnerability. It is possible to exploit this vulnerability by opening a crafted .MP4 file.

7.8

CVE-2017-14259

Exploit
  • EPSS 0.46%
  • Veröffentlicht 11.09.2017 09:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

In the SDK in Bento4 1.5.0-616, the AP4_StscAtom class in Ap4StscAtom.cpp contains a Write Memory Access Violation vulnerability. It is possible to exploit this vulnerability and possibly execute arbitrary code by opening a crafted .MP4 file.

7.8

CVE-2017-14258

Exploit
  • EPSS 0.53%
  • Veröffentlicht 11.09.2017 09:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

In the SDK in Bento4 1.5.0-616, SetItemCount in Core/Ap4StscAtom.h file contains a Write Memory Access Violation vulnerability. It is possible to exploit this vulnerability and possibly execute arbitrary code by opening a crafted .MP4 file.

7.8

CVE-2017-14257

Exploit
  • EPSS 0.22%
  • Veröffentlicht 11.09.2017 09:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

In the SDK in Bento4 1.5.0-616, AP4_AtomSampleTable::GetSample in Core/Ap4AtomSampleTable.cpp contains a Read Memory Access Violation vulnerability. It is possible to exploit this vulnerability by opening a crafted .MP4 file.

5.5

CVE-2017-12474

  • EPSS 0.26%
  • Veröffentlicht 06.09.2017 08:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

The AP4_AtomSampleTable::GetSample function in Core/Ap4AtomSampleTable.cpp in Bento4 mp42ts before 1.5.0-616 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted mp4 file.

5.5

CVE-2017-12476

  • EPSS 0.26%
  • Veröffentlicht 06.09.2017 08:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

The AP4_AvccAtom::InspectFields function in Core/Ap4AvccAtom.cpp in Bento4 mp4dump before 1.5.0-616 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted mp4 file.