Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Bento4 Subscribe
Total 15 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-14639 1 Bento4 1 Bento4 2019-10-02 6.8 MEDIUM 8.8 HIGH
AP4_VisualSampleEntry::ReadFields in Core/Ap4SampleEntry.cpp in Bento4 1.5.0-617 uses incorrect character data types, which causes a stack-based buffer underflow and out-of-bounds write, leading to denial of service (application crash) or possibly unspecified other impact.
CVE-2017-14645 1 Bento4 1 Bento4 2019-10-02 4.3 MEDIUM 6.5 MEDIUM
A heap-based buffer over-read was discovered in AP4_BitStream::ReadBytes in Codecs/Ap4BitStream.cpp in Bento4 version 1.5.0-617. The vulnerability causes an application crash, which leads to remote denial of service.
CVE-2017-14643 1 Bento4 1 Bento4 2019-10-02 4.3 MEDIUM 6.5 MEDIUM
The AP4_HdlrAtom class in Core/Ap4HdlrAtom.cpp in Bento4 version 1.5.0-617 uses an incorrect character data type, leading to a heap-based buffer over-read and application crash in AP4_BytesToUInt32BE in Core/Ap4Utils.h.
CVE-2017-14647 1 Bento4 1 Bento4 2017-10-03 6.8 MEDIUM 8.8 HIGH
A heap-based buffer overflow was discovered in AP4_VisualSampleEntry::ReadFields in Core/Ap4SampleEntry.cpp in Bento4 1.5.0-617. The vulnerability causes an out-of-bounds write, which leads to remote denial of service or possibly code execution.
CVE-2017-14644 1 Bento4 1 Bento4 2017-09-28 6.8 MEDIUM 8.8 HIGH
A heap-based buffer overflow was discovered in the AP4_HdlrAtom class in Bento4 1.5.0-617. The vulnerability causes an out-of-bounds write, which leads to remote denial of service or possibly code execution.
CVE-2017-14641 1 Bento4 1 Bento4 2017-09-28 4.3 MEDIUM 6.5 MEDIUM
A NULL pointer dereference was discovered in the AP4_DataAtom class in MetaData/Ap4MetaData.cpp in Bento4 version 1.5.0-617. The vulnerability causes a segmentation fault and application crash, which leads to remote denial of service.
CVE-2017-14642 1 Bento4 1 Bento4 2017-09-28 4.3 MEDIUM 6.5 MEDIUM
A NULL pointer dereference was discovered in the AP4_HdlrAtom class in Bento4 version 1.5.0-617. The vulnerability causes a segmentation fault and application crash in AP4_StdcFileByteStream::ReadPartial in System/StdC/Ap4StdCFileByteStream.cpp, which leads to remote denial of service.
CVE-2017-14640 1 Bento4 1 Bento4 2017-09-28 4.3 MEDIUM 6.5 MEDIUM
A NULL pointer dereference was discovered in AP4_AtomSampleTable::GetSample in Core/Ap4AtomSampleTable.cpp in Bento4 version 1.5.0-617. The vulnerability causes a segmentation fault and application crash, which leads to remote denial of service.
CVE-2017-14638 1 Bento4 1 Bento4 2017-09-28 4.3 MEDIUM 6.5 MEDIUM
AP4_AtomFactory::CreateAtomFromStream in Core/Ap4AtomFactory.cpp in Bento4 version 1.5.0-617 has missing NULL checks, leading to a NULL pointer dereference, segmentation fault, and application crash in AP4_Atom::SetType in Core/Ap4Atom.h.
CVE-2017-14261 1 Bento4 1 Bento4 2017-09-19 6.8 MEDIUM 7.8 HIGH
In the SDK in Bento4 1.5.0-616, the AP4_StszAtom class in Ap4StszAtom.cpp file contains a Read Memory Access Violation vulnerability. It is possible to exploit this vulnerability by opening a crafted .MP4 file.
CVE-2017-14257 1 Bento4 1 Bento4 2017-09-19 6.8 MEDIUM 7.8 HIGH
In the SDK in Bento4 1.5.0-616, AP4_AtomSampleTable::GetSample in Core/Ap4AtomSampleTable.cpp contains a Read Memory Access Violation vulnerability. It is possible to exploit this vulnerability by opening a crafted .MP4 file.
CVE-2017-14259 1 Bento4 1 Bento4 2017-09-19 6.8 MEDIUM 7.8 HIGH
In the SDK in Bento4 1.5.0-616, the AP4_StscAtom class in Ap4StscAtom.cpp contains a Write Memory Access Violation vulnerability. It is possible to exploit this vulnerability and possibly execute arbitrary code by opening a crafted .MP4 file.
CVE-2017-14258 1 Bento4 1 Bento4 2017-09-19 6.8 MEDIUM 7.8 HIGH
In the SDK in Bento4 1.5.0-616, SetItemCount in Core/Ap4StscAtom.h file contains a Write Memory Access Violation vulnerability. It is possible to exploit this vulnerability and possibly execute arbitrary code by opening a crafted .MP4 file.
CVE-2017-12476 1 Bento4 1 Bento4 2017-09-07 4.3 MEDIUM 5.5 MEDIUM
The AP4_AvccAtom::InspectFields function in Core/Ap4AvccAtom.cpp in Bento4 mp4dump before 1.5.0-616 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted mp4 file.
CVE-2017-12474 1 Bento4 1 Bento4 2017-09-07 4.3 MEDIUM 5.5 MEDIUM
The AP4_AtomSampleTable::GetSample function in Core/Ap4AtomSampleTable.cpp in Bento4 mp42ts before 1.5.0-616 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted mp4 file.