N/A

An exploitable integer overflow vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input when reading an atom using the 'sbgp' FOURCC code can cause an integer overflow due to unchecked arithmetic resulting in a heap-based buffer overflow that causes memory corruption. An attacker can convince a user to open a video to trigger this vulnerability.

N/A

整数溢出导致缓冲区溢出

GPAC Project Advanced Content 缓冲区错误漏洞

GPAC Project Advanced Content是MPEG-4系统标准的实现，以ANSI C编写。 GPAC Project Advanced Content 1.0.1版本存在缓冲区错误漏洞，该漏洞源于 sbgp decoder的MPEG-4解码功能中的整数溢出。远程攻击者可利用该漏洞欺骗受害者打开视频，触发整数溢出并在目标系统上执行任意代码。

N/A

N/A