Soumettre #780472: Bento4 <=1.6.0-641 Memory Corruptioninformation

TitreBento4 <=1.6.0-641 Memory Corruption
DescriptionA heap-buffer-overflow vulnerability was found in AP4_Dac4Atom constructor in Ap4Dac4Atom.cpp. When parsing a crafted MP4 file with a dac4 atom containing insufficient payload, AP4_BitReader::ReadCache() reads beyond the heap-allocated buffer. This leads to out-of-bounds read (CWE-125), causing potential information disclosure or denial of service.
La source⚠️ https://github.com/axiomatic-systems/Bento4/issues/1058
Utilisateur
 breakingbad (UID 96046)
Soumission15/03/2026 16:27 (il y a 25 jours)
Modérer31/03/2026 16:09 (16 days later)
StatutAccepté
Entrée VulDB354386 [Axiomatic Bento4 jusqu’à 1.6.0-641 MP4 File Parser Ap4Dac4Atom.cpp AP4_BitReader::ReadCache buffer overflow]
Points19

PrécédentAperçuSuivant

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!