Axiomatic Bento4 avcinfo Ap4BitStream.cpp WriteBytes heap-based overflow

A vulnerability classified as critical has been found in Axiomatic Bento4. Affected is the function AP4_BitStream::WriteBytes of the file Ap4BitStream.cpp of the component avcinfo. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-212004.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

内存缓冲区边界内操作的限制不恰当

Bento4 缓冲区错误漏洞

Bento4是一款用于读写MP4文件的开源的C++库。 Bento4存在安全漏洞，该漏洞源于存在基于堆的缓冲区溢出问题。

N/A

N/A