The gf_isom_set_extraction_slc function in GPAC 1.0.1 allows malicious users to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command.
Debian Bug report logs -
#994746
ccextractor embeds unpatched and vulnerable source code from gpac
Package:
ccextractor;
Maintainer for ccextractor is Freexian Packaging Team <team+freexian@trackerdebianorg>; Source for ccextractor is src:ccextractor (PTS, buildd, popcon)
Reported by: Neil Williams <codehelp@debianorg& ...
The gf_isom_set_extraction_slc function in GPAC 101 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command ...