92Wyunchao

**Name of the Vulnerable Software and Affected Versions** audiofile version 0.3.6 **Description** The issue is related to a heap buffer overflow vulnerability in the `FilePOSIX::read` function in `File.cpp`. This can cause a denial-of-service when a crafted wav file is used, and the bug can be triggered by the executable `sfconvert`. **Recommendations** For audiofile version 0.3.6, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** zziplib version 0.13.69 **Description** An issue was discovered in the function `zzip disk entry to file header` in `mmapped.c`, which will lead to a denial-of-service. **Recommendations** For zziplib version 0.13.69, consider applying a patch or fix to resolve the issue in the `zzip disk entry to file header` function. As a temporary workaround, consider restricting access to the `mmapped.c` module to minimize the risk of exploitation.

**Nome do software vulnerável e versões afetadas** Exiv2 versão 0.27.99.0 **Descrição** O problema está relacionado a uma exceção de ponto flutuante na função printLong no arquivo tags int.cpp, que pode ser explorada por invasores para causar uma negação de serviço (DOS) por meio de um arquivo TIF malicioso. Isso se deve à falta de verificação de divisão por zero, permitindo que um invasor remoto interrompa o serviço usando um arquivo especialmente criado. **Recomendações** Para a versão 0.27.99.0 do Exiv2, considere desativar a função printLong no arquivo tags int.cpp como uma solução temporária até que um patch esteja disponível. Restrinja o acesso ao manuseio de arquivos TIF para minimizar o risco de exploração. No momento, não há informações sobre uma versão mais recente que contenha uma correção para essa vulnerabilidade.

**Name of the Vulnerable Software and Affected Versions** Exiv2 version 0.27.99.0 **Description** The issue is related to an invalid memory access in the `decode` function of the `iptc.cpp` component in the Exiv2 library, which can lead to a buffer overflow. This allows a remote attacker to cause a denial of service (DOS) by using a specially crafted tif file. **Recommendations** For Exiv2 version 0.27.99.0, consider disabling the `decode` function in `iptc.cpp` as a temporary workaround to prevent exploitation until a patch is available. Restrict access to the `iptc.cpp` component to minimize the risk of denial of service attacks. Avoid using the affected Exiv2 library with untrusted tif files until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Exiv2 version 0.27.99.0 **Description** The issue is related to a global buffer over-read in the `Exiv2::Internal::Nikon1MakerNote::print0x0088` function in `nikonmn int.cpp`, which can result in an information leak. This can allow a remote attacker to access confidential data and potentially cause a denial of service. **Recommendations** For Exiv2 version 0.27.99.0, consider disabling the `Exiv2::Internal::Nikon1MakerNote::print0x0088` function as a temporary workaround until a patch is available. Restrict access to sensitive data to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ZZIPlib version 0.13.69 **Description** The issue allows attackers to overwrite arbitrary files via a .. (dot dot) in a zip file. This is due to the `unzzip cat` function in the bins/unzzipcat-mem.c file. **Recommendations** For ZZIPlib version 0.13.69, consider restricting the use of the `unzzip cat` function until a patch is available to prevent directory traversal attacks.

**Name of the Vulnerable Software and Affected Versions** Bento4 version 1.5.1-624 **Description** The issue is related to an invalid memory read bug in the AP4 SampleDescription::GetType() function in Ap4SampleDescription.h. This can be exploited by attackers to cause a denial-of-service via a crafted mp4 file, which can be triggered by the executable mp42ts. **Recommendations** For Bento4 version 1.5.1-624, consider avoiding the use of crafted mp4 files until a patch is available. As a temporary workaround, restrict the execution of the mp42ts executable to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Bento4 version 1.5.1-624 **Description** The issue is related to an invalid memory read bug in the `AP4 SampleDescription::GetFormat()` function in `Ap4SampleDescription.h`. This can be exploited by attackers to cause a denial-of-service via a crafted mp4 file, which can be triggered by the executable `mp42ts`. **Recommendations** For Bento4 version 1.5.1-624, as a temporary workaround, consider restricting the use of the `AP4 SampleDescription::GetFormat()` function until a patch is available. Avoid processing crafted mp4 files with the executable `mp42ts` to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Bento4 version 1.5.1-624 **Description** The issue is related to a NULL pointer dereference vulnerability in the AP4 JsonInspector::AddField function in Ap4Atom.cpp. This can be exploited by attackers to cause a denial-of-service via a crafted mp4 file, which can be triggered by the executable mp4dump. **Recommendations** For Bento4 version 1.5.1-624, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** The audiofile Audio File Library version 0.3.6 **Description** The issue is related to a NULL pointer dereference bug in the `ModuleState::setup` function, located in `modules/ModuleState.cpp`. This bug can be exploited by an attacker to cause a denial of service using a crafted caf file. An example of such exploitation is demonstrated by the sfconvert tool. **Recommendations** For The audiofile Audio File Library version 0.3.6, consider restricting access to the `ModuleState::setup` function in `modules/ModuleState.cpp` to minimize the risk of exploitation until a patch is available. As a temporary workaround, avoid using crafted caf files that could trigger the NULL pointer dereference bug. At the moment, there is no information about a newer version that contains a fix for this vulnerability.