Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bento4 vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2017-14643
The AP4_HdlrAtom class in Core/Ap4HdlrAtom.cpp in Bento4 version 1.5.0-617 uses an incorrect character data type, leading to a heap-based buffer over-read and application crash in AP4_BytesToUInt32BE in Core/Ap4Utils.h.
Bento4 Bento4 1.5.0-617
6.8
CVSSv2
CVE-2017-14644
A heap-based buffer overflow exists in the AP4_HdlrAtom class in Bento4 1.5.0-617. The vulnerability causes an out-of-bounds write, which leads to remote denial of service or possibly code execution.
Bento4 Bento4 1.5.0-617
4.3
CVSSv2
CVE-2017-14645
A heap-based buffer over-read exists in AP4_BitStream::ReadBytes in Codecs/Ap4BitStream.cpp in Bento4 version 1.5.0-617. The vulnerability causes an application crash, which leads to remote denial of service.
Bento4 Bento4 1.5.0-617
6.8
CVSSv2
CVE-2017-14647
A heap-based buffer overflow exists in AP4_VisualSampleEntry::ReadFields in Core/Ap4SampleEntry.cpp in Bento4 1.5.0-617. The vulnerability causes an out-of-bounds write, which leads to remote denial of service or possibly code execution.
Bento4 Bento4 1.5.0-617
6.8
CVSSv2
CVE-2017-14257
In the SDK in Bento4 1.5.0-616, AP4_AtomSampleTable::GetSample in Core/Ap4AtomSampleTable.cpp contains a Read Memory Access Violation vulnerability. It is possible to exploit this vulnerability by opening a crafted .MP4 file.
Bento4 Bento4 1.5.0-616
NA
CVE-2022-40774
An issue exists in Bento4 up to and including 1.6.0-639. There is a NULL pointer dereference in AP4_StszAtom::GetSampleSize.
Axiosys Bento4
NA
CVE-2022-40775
An issue exists in Bento4 up to and including 1.6.0-639. A NULL pointer dereference occurs in AP4_StszAtom::WriteFields.
Axiosys Bento4
4.3
CVSSv2
CVE-2021-35306
An issue exists in Bento4 through v1.6.0-636. A NULL pointer dereference exists in the function AP4_StszAtom::WriteFields located in Ap4StszAtom.cpp. It allows an malicious user to cause a denial of service (DOS).
Axiosys Bento4
4.3
CVSSv2
CVE-2021-35307
An issue exists in Bento4 through v1.6.0-636. A NULL pointer dereference exists in the AP4_DescriptorFinder::Test component located in /Core/Ap4Descriptor.h. It allows an malicious user to cause a denial of service (DOS).
Axiosys Bento4
NA
CVE-2022-41841
An issue exists in Bento4 up to and including 1.6.0-639. A NULL pointer dereference occurs in AP4_File::ParseStream in Core/Ap4File.cpp, which is called from AP4_File::AP4_File.
Axiosys Bento4
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028
memory leak
log injection
CVE-2024-3400
CVE-2022-48695
CVE-2022-48675
CVE-2024-34487
CVE-2024-33792
spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »