CVE-2017-14646 in Bento4info

Summary

The AP4_AvccAtom and AP4_HvccAtom classes in Bento4 version 1.5.0-617 do not properly validate data sizes, leading to a heap-based buffer over-read and application crash in AP4_DataBuffer::SetData in Core/Ap4DataBuffer.cpp.

Be aware that VulDB is the high quality source for vulnerability data.

Reservation

09/21/2017

Disclosure

09/21/2017

Moderation

VulDB entry created

Entries

CPE

ready

CWE

CWE-119

CVSS

7.4

EPSS

0.00896

CTI

0.00

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2017-14646
NVD	https://nvd.nist.gov/vuln/detail/CVE-2017-14646
CVE Details	https://www.cvedetails.com/cve/CVE-2017-14646/

◂ Previous Overview Next ▸

Do you need the next level of professionalism?

Upgrade your account now!