Vulnerabilities (CVE)

Vendor filter

Axiosys Subscribe

Filter

43 total CVE
CVE Vendors Products Updated CVSS
CVE-2019-17452 1 Axiosys 1 Bento4 2019-10-11 4.3
Bento4 1.5.1.0 has a NULL pointer dereference in AP4_DescriptorListInspector::Action in Core/Ap4Descriptor.h, related to AP4_IodsAtom::InspectFields in Core/Ap4IodsAtom.cpp, as demonstrated by mp4dump.
CVE-2019-17454 1 Axiosys 1 Bento4 2019-10-11 4.3
Bento4 1.5.1.0 has a NULL pointer dereference in AP4_Descriptor::GetTag in Core/Ap4Descriptor.h, related to AP4_StsdAtom::GetSampleDescription in Core/Ap4StsdAtom.cpp, as demonstrated by mp4info.
CVE-2019-17453 1 Axiosys 1 Bento4 2019-10-11 4.3
Bento4 1.5.1.0 has a NULL pointer dereference in AP4_DescriptorListWriter::Action in Core/Ap4Descriptor.h, related to AP4_IodsAtom::WriteFields in Core/Ap4IodsAtom.cpp, as demonstrated by mp4encrypt or mp4compact.
CVE-2018-20408 1 Axiosys 1 Bento4 2019-10-03 4.3
An issue was discovered in Bento4 1.5.1-627. There is a memory leak in AP4_StdcFileByteStream::Create in System/StdC/Ap4StdCFileByteStream.cpp, as demonstrated by mp42hls.
CVE-2018-20095 1 Axiosys 1 Bento4 2019-10-03 4.3
An issue was discovered in EnsureCapacity in Core/Ap4Array.h in Bento4 1.5.1-627. Crafted MP4 input triggers an attempt at excessive memory allocation, as demonstrated by mp42hls.
CVE-2018-20659 1 Axiosys 1 Bento4 2019-10-03 4.3
An issue was discovered in Bento4 1.5.1-627. The AP4_StcoAtom class in Core/Ap4StcoAtom.cpp has an attempted excessive memory allocation when called from AP4_AtomFactory::CreateAtomFromStream in Core/Ap4AtomFactory.cpp, as demonstrated by mp42hls.
CVE-2018-20409 1 Axiosys 1 Bento4 2019-10-03 4.3
An issue was discovered in Bento4 1.5.1-627. There is a heap-based buffer over-read in AP4_AvccAtom::Create in Core/Ap4AvccAtom.cpp, as demonstrated by mp42hls.
CVE-2018-14445 1 Axiosys 1 Bento4 2019-10-03 4.3
In Bento4 v1.5.1-624, AP4_File::ParseStream in Ap4File.cpp allows remote attackers to cause a denial of service (infinite loop) via a crafted MP4 file.
CVE-2018-14584 1 Axiosys 1 Bento4 2019-10-03 6.8
An issue has been discovered in Bento4 1.5.1-624. AP4_AvccAtom::Create in Core/Ap4AvccAtom.cpp has a heap-based buffer over-read.
CVE-2018-14585 1 Axiosys 1 Bento4 2019-10-03 6.8
An issue has been discovered in Bento4 1.5.1-624. AP4_BytesToUInt16BE in Core/Ap4Utils.h has a heap-based buffer over-read after a call from the AP4_Stz2Atom class.
CVE-2017-14646 2 Bento4, Axiosys 2 Bento4, Bento4 2019-10-03 5.0
The AP4_AvccAtom and AP4_HvccAtom classes in Bento4 version 1.5.0-617 do not properly validate data sizes, leading to a heap-based buffer over-read and application crash in AP4_DataBuffer::SetData in Core/Ap4DataBuffer.cpp.
CVE-2018-14587 1 Axiosys 1 Bento4 2019-10-03 6.8
An issue has been discovered in Bento4 1.5.1-624. AP4_MemoryByteStream::WritePartial in Core/Ap4ByteStream.cpp has a buffer over-read.
CVE-2018-14589 1 Axiosys 1 Bento4 2019-10-03 6.8
An issue has been discovered in Bento4 1.5.1-624. AP4_Mp4AudioDsiParser::ReadBits in Codecs/Ap4Mp4AudioInfo.cpp has a heap-based buffer over-read.
CVE-2018-14588 1 Axiosys 1 Bento4 2019-10-03 5.0
An issue has been discovered in Bento4 1.5.1-624. A NULL pointer dereference can occur in AP4_DataBuffer::SetData in Core/Ap4DataBuffer.cpp.
CVE-2018-5253 1 Axiosys 1 Bento4 2019-10-03 6.8
The AP4_FtypAtom class in Core/Ap4FtypAtom.cpp in Bento4 1.5.1.0 has an Infinite loop via a crafted MP4 file that triggers size mishandling.
CVE-2018-20407 1 Axiosys 1 Bento4 2019-10-03 4.3
An issue was discovered in Bento4 1.5.1-627. There is a memory leak in AP4_DescriptorFactory::CreateDescriptorFromStream in Core/Ap4DescriptorFactory.cpp, as demonstrated by mp42hls.
CVE-2019-16349 1 Axiosys 1 Bento4 2019-09-17 4.3
Bento4 1.5.1-628 has a NULL pointer dereference in AP4_ByteStream::ReadUI32 in Core/Ap4ByteStream.cpp when called from the AP4_TrunAtom class.
CVE-2019-15050 1 Axiosys 1 Bento4 2019-08-19 6.8
An issue was discovered in Bento4 1.5.1.0. There is a heap-based buffer over-read in the AP4_AvccAtom class at Core/Ap4AvccAtom.cpp.
CVE-2019-15047 1 Axiosys 1 Bento4 2019-08-16 6.8
An issue was discovered in Bento4 1.5.1.0. There is a heap-based buffer over-read in the function AP4_BitReader::SkipBits at Core/Ap4Utils.cpp.
CVE-2019-15049 1 Axiosys 1 Bento4 2019-08-16 6.8
An issue was discovered in Bento4 1.5.1.0. There is a heap-based buffer over-read in the AP4_Dec3Atom class at Core/Ap4Dec3Atom.cpp.