Vulnerabilities (CVE)

Filtered by vendor Bento4 Subscribe
Filtered by product Bento4
Total 15 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-14647 1 Bento4 1 Bento4 2024-11-21 6.8 MEDIUM 8.8 HIGH
A heap-based buffer overflow was discovered in AP4_VisualSampleEntry::ReadFields in Core/Ap4SampleEntry.cpp in Bento4 1.5.0-617. The vulnerability causes an out-of-bounds write, which leads to remote denial of service or possibly code execution.
CVE-2017-14645 1 Bento4 1 Bento4 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
A heap-based buffer over-read was discovered in AP4_BitStream::ReadBytes in Codecs/Ap4BitStream.cpp in Bento4 version 1.5.0-617. The vulnerability causes an application crash, which leads to remote denial of service.
CVE-2017-14644 1 Bento4 1 Bento4 2024-11-21 6.8 MEDIUM 8.8 HIGH
A heap-based buffer overflow was discovered in the AP4_HdlrAtom class in Bento4 1.5.0-617. The vulnerability causes an out-of-bounds write, which leads to remote denial of service or possibly code execution.
CVE-2017-14643 1 Bento4 1 Bento4 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
The AP4_HdlrAtom class in Core/Ap4HdlrAtom.cpp in Bento4 version 1.5.0-617 uses an incorrect character data type, leading to a heap-based buffer over-read and application crash in AP4_BytesToUInt32BE in Core/Ap4Utils.h.
CVE-2017-14642 1 Bento4 1 Bento4 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
A NULL pointer dereference was discovered in the AP4_HdlrAtom class in Bento4 version 1.5.0-617. The vulnerability causes a segmentation fault and application crash in AP4_StdcFileByteStream::ReadPartial in System/StdC/Ap4StdCFileByteStream.cpp, which leads to remote denial of service.
CVE-2017-14641 1 Bento4 1 Bento4 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
A NULL pointer dereference was discovered in the AP4_DataAtom class in MetaData/Ap4MetaData.cpp in Bento4 version 1.5.0-617. The vulnerability causes a segmentation fault and application crash, which leads to remote denial of service.
CVE-2017-14640 1 Bento4 1 Bento4 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
A NULL pointer dereference was discovered in AP4_AtomSampleTable::GetSample in Core/Ap4AtomSampleTable.cpp in Bento4 version 1.5.0-617. The vulnerability causes a segmentation fault and application crash, which leads to remote denial of service.
CVE-2017-14639 1 Bento4 1 Bento4 2024-11-21 6.8 MEDIUM 8.8 HIGH
AP4_VisualSampleEntry::ReadFields in Core/Ap4SampleEntry.cpp in Bento4 1.5.0-617 uses incorrect character data types, which causes a stack-based buffer underflow and out-of-bounds write, leading to denial of service (application crash) or possibly unspecified other impact.
CVE-2017-14638 1 Bento4 1 Bento4 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
AP4_AtomFactory::CreateAtomFromStream in Core/Ap4AtomFactory.cpp in Bento4 version 1.5.0-617 has missing NULL checks, leading to a NULL pointer dereference, segmentation fault, and application crash in AP4_Atom::SetType in Core/Ap4Atom.h.
CVE-2017-14261 1 Bento4 1 Bento4 2024-11-21 6.8 MEDIUM 7.8 HIGH
In the SDK in Bento4 1.5.0-616, the AP4_StszAtom class in Ap4StszAtom.cpp file contains a Read Memory Access Violation vulnerability. It is possible to exploit this vulnerability by opening a crafted .MP4 file.
CVE-2017-14259 1 Bento4 1 Bento4 2024-11-21 6.8 MEDIUM 7.8 HIGH
In the SDK in Bento4 1.5.0-616, the AP4_StscAtom class in Ap4StscAtom.cpp contains a Write Memory Access Violation vulnerability. It is possible to exploit this vulnerability and possibly execute arbitrary code by opening a crafted .MP4 file.
CVE-2017-14258 1 Bento4 1 Bento4 2024-11-21 6.8 MEDIUM 7.8 HIGH
In the SDK in Bento4 1.5.0-616, SetItemCount in Core/Ap4StscAtom.h file contains a Write Memory Access Violation vulnerability. It is possible to exploit this vulnerability and possibly execute arbitrary code by opening a crafted .MP4 file.
CVE-2017-14257 1 Bento4 1 Bento4 2024-11-21 6.8 MEDIUM 7.8 HIGH
In the SDK in Bento4 1.5.0-616, AP4_AtomSampleTable::GetSample in Core/Ap4AtomSampleTable.cpp contains a Read Memory Access Violation vulnerability. It is possible to exploit this vulnerability by opening a crafted .MP4 file.
CVE-2017-12476 1 Bento4 1 Bento4 2024-11-21 4.3 MEDIUM 5.5 MEDIUM
The AP4_AvccAtom::InspectFields function in Core/Ap4AvccAtom.cpp in Bento4 mp4dump before 1.5.0-616 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted mp4 file.
CVE-2017-12474 1 Bento4 1 Bento4 2024-11-21 4.3 MEDIUM 5.5 MEDIUM
The AP4_AtomSampleTable::GetSample function in Core/Ap4AtomSampleTable.cpp in Bento4 mp42ts before 1.5.0-616 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted mp4 file.