| 제목 | Bento4 <=1.6.0-641 Memory Corruption |
|---|
| 설명 | A heap-buffer-overflow vulnerability was found in AP4_Dac4Atom DSI v1 parsing in Ap4Dac4Atom.cpp. A crafted MP4 file with a dac4 atom containing a large n_presentations value (up to 511) causes AP4_BitReader::SkipBits() to read far beyond the heap-allocated buffer. This leads to out-of-bounds read (CWE-125), causing potential information disclosure or denial of service. |
|---|
| 원천 | ⚠️ https://github.com/axiomatic-systems/Bento4/issues/1059 |
|---|
| 사용자 | breakingbad (UID 96046) |
|---|
| 제출 | 2026. 03. 15. PM 04:28 (20 날 ago) |
|---|
| 모더레이션 | 2026. 03. 31. PM 04:09 (16 days later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 354387 [Axiomatic Bento4 까지 1.6.0-641 DSI v1 Parser Ap4Dac4Atom.cpp AP4_BitReader::SkipBits n_presentations 메모리 손상] |
|---|
| 포인트들 | 19 |
|---|