There exists one invalid memory read bug in AP4_SampleDescription::GetType() in Ap4SampleDescription.h in Bento4 1.5.1-624, which can allow attackers to cause a denial-of-service via a crafted mp4 file. This vulnerability can be triggered by the executable mp42ts.
Max CVSS
5.5
EPSS Score
0.06%
Published
2018-07-23
Updated
2018-09-19
There exists one invalid memory read bug in AP4_SampleDescription::GetFormat() in Ap4SampleDescription.h in Bento4 1.5.1-624, which can allow attackers to cause a denial-of-service via a crafted mp4 file. This vulnerability can be triggered by the executable mp42ts.
Max CVSS
5.5
EPSS Score
0.06%
Published
2018-07-23
Updated
2018-09-19
There exists one NULL pointer dereference vulnerability in AP4_JsonInspector::AddField in Ap4Atom.cpp in Bento4 1.5.1-624, which can allow attackers to cause a denial-of-service via a crafted mp4 file. This vulnerability can be triggered by the executable mp4dump.
Max CVSS
5.5
EPSS Score
0.06%
Published
2018-07-23
Updated
2018-09-19
In Bento4 v1.5.1-624, AP4_File::ParseStream in Ap4File.cpp allows remote attackers to cause a denial of service (infinite loop) via a crafted MP4 file.
Max CVSS
6.5
EPSS Score
0.12%
Published
2018-07-20
Updated
2019-10-03
4 vulnerabilities found