| Title | bento Bento4 v1.6.0 Buffer Overflow |
|---|
| Description | A heap buffer overflow vulnerability exists in Bento4's AP4_StdcFileByteStream::ReadPartial function. This vulnerability allows a remote attacker to cause a program to access parts of the heap memory other than the allocated memory blocks through crafted input data, thereby causing memory corruption. Specifically, the vulnerability is triggered when the fread function is called, causing writes to be out of the allocated memory. |
|---|
| Source | ⚠️ https://github.com/axiomatic-systems/Bento4/issues/991 |
|---|
| User | NPU Unmanned Systems Safety Laboratory (UID 80309) |
|---|
| Submission | 01/16/2025 09:07 AM (4 months ago) |
|---|
| Moderation | 01/27/2025 03:16 PM (11 days later) |
|---|
| Status | Accepted |
|---|
| VulDB Entry | 293518 [Axiomatic Bento4 up to 1.6.0 mp42aac ReadPartial heap-based overflow] |
|---|
| Points | 20 |
|---|