Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
axiosys bento4 1.5.1.0 vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2018-5253
The AP4_FtypAtom class in Core/Ap4FtypAtom.cpp in Bento4 1.5.1.0 has an Infinite loop via a crafted MP4 file that triggers size mishandling.
Axiosys Bento4 1.5.1.0
7.5
CVSSv3
CVE-2019-13238
An issue exists in Bento4 1.5.1.0. A memory allocation failure is unhandled in Core/Ap4SdpAtom.cpp and leads to crashes. When parsing input video, the program allocates a new buffer to parse an atom in the stream. The unhandled memory allocation failure causes a direct copy to a ...
Axiosys Bento4 1.5.1.0
5.5
CVSSv3
CVE-2019-20092
An issue exists in Bento4 1.5.1.0. There is a NULL pointer dereference in AP4_Descriptor::GetTag in mp42ts when called from AP4_EsDescriptor::GetDecoderConfigDescriptor in Ap4EsDescriptor.cpp.
Axiosys Bento4 1.5.1.0
6.5
CVSSv3
CVE-2020-21066
An issue exists in Bento4 v1.5.1.0. There is a heap-buffer-overflow in AP4_Dec3Atom::AP4_Dec3Atom at Ap4Dec3Atom.cpp, leading to a denial of service (program crash), as demonstrated by mp42aac.
Axiosys Bento4 1.5.1.0
7.8
CVSSv3
CVE-2019-17529
An issue exists in Bento4 1.5.1.0. There is a heap-based buffer over-read in AP4_CencSampleEncryption::DoInspectFields in Core/Ap4CommonEncryption.cpp when called from AP4_Atom::Inspect in Core/Ap4Atom.cpp.
Axiosys Bento4 1.5.1.0
7.8
CVSSv3
CVE-2019-17530
An issue exists in Bento4 1.5.1.0. There is a heap-based buffer over-read in AP4_PrintInspector::AddField in Core/Ap4Atom.cpp when called from AP4_CencSampleEncryption::DoInspectFields in Core/Ap4CommonEncryption.cpp, when called from AP4_Atom::Inspect in Core/Ap4Atom.cpp.
Axiosys Bento4 1.5.1.0
7.5
CVSSv3
CVE-2018-10790
The AP4_CttsAtom class in Core/Ap4CttsAtom.cpp in Bento4 1.5.1.0 allows remote malicious users to cause a denial of service (application crash), related to a memory allocation failure, as demonstrated by mp2aac.
Axiosys Bento4 1.5.1.0
7.8
CVSSv3
CVE-2019-20090
An issue exists in Bento4 1.5.1.0. There is a use-after-free in AP4_Sample::GetOffset in Core/Ap4Sample.h when called from Ap4LinearReader.cpp.
Axiosys Bento4 1.5.1.0
5.5
CVSSv3
CVE-2019-20091
An issue exists in Bento4 1.5.1.0. There is a NULL pointer dereference in AP4_Descriptor::GetTag in mp42ts when called from AP4_DecoderConfigDescriptor::GetDecoderSpecificInfoDescriptor in Ap4DecoderConfigDescriptor.cpp.
Axiosys Bento4 1.5.1.0
6.5
CVSSv3
CVE-2019-17454
Bento4 1.5.1.0 has a NULL pointer dereference in AP4_Descriptor::GetTag in Core/Ap4Descriptor.h, related to AP4_StsdAtom::GetSampleDescription in Core/Ap4StsdAtom.cpp, as demonstrated by mp4info.
Axiosys Bento4 1.5.1.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2018-25103
CVE-2024-36279
CVE-2024-38457
elevation of privilege
CVE-2024-27801
CVE-2024-30103
NULL pointer dereference
CVE-2024-6057
XML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »