Submeter #780473: Bento4 <=1.6.0-641 Memory Corruptioninformação

TítuloBento4 <=1.6.0-641 Memory Corruption
DescriçãoA heap-buffer-overflow vulnerability was found in AP4_Dac4Atom DSI v1 parsing in Ap4Dac4Atom.cpp. A crafted MP4 file with a dac4 atom containing a large n_presentations value (up to 511) causes AP4_BitReader::SkipBits() to read far beyond the heap-allocated buffer. This leads to out-of-bounds read (CWE-125), causing potential information disclosure or denial of service.
Fonte⚠️ https://github.com/axiomatic-systems/Bento4/issues/1059
Utilizador
 breakingbad (UID 96046)
Submissão15/03/2026 16h28 (há 22 dias)
Moderação31/03/2026 16h09 (16 days later)
EstadoAceite
Entrada VulDB354387 [Axiomatic Bento4 até 1.6.0-641 DSI v1 Parser Ap4Dac4Atom.cpp AP4_BitReader::SkipBits n_presentations Excesso de tampão]
Pontos19

VoltarVisão GeralPróximo

Might our Artificial Intelligence support you?

Check our Alexa App!