Acesrc

**Name of the Vulnerable Software and Affected Versions** mp4v2 version 2.1.3 **Description** The issue is related to a memory leak in the mp4v2 library when a method calling `MP4File::ReadBytes()` allocates memory but does not catch exceptions thrown by `ReadBytes()`. This can lead to a denial of service. **Recommendations** For mp4v2 version 2.1.3, consider implementing exception handling for the `ReadBytes()` method to prevent memory leaks. As a temporary workaround, review code that allocates memory and ensure proper exception handling to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** mp4v2 version 2.1.3 **Description** A memory leak was discovered in mp4v2 via the `MP4File::ReadString()` function at `mp4file io.cpp`. **Recommendations** For mp4v2 version 2.1.3, consider restricting access to the `MP4File::ReadString()` function until a patch is available. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** mp4v2 version 2.1.3 **Description** The issue is related to a memory leak in the `MP4SdpAtom::Read()` function of the `atom sdp.cpp` component in the mp4v2 library, which is used for creating, modifying, and reading MP4 files. Exploitation of this issue could allow an attacker to cause a denial of service. **Recommendations** For mp4v2 version 2.1.3, as a temporary workaround, consider disabling the `MP4SdpAtom::Read()` function until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** mp4v2 version 2.1.2 **Description** A memory leak was discovered in mp4v2 via the class `MP4BytesProperty`. **Recommendations** For mp4v2 version 2.1.2, consider restricting access to the `MP4BytesProperty` class until a patch is available. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** mp4v2 version 2.1.3 **Description** The issue is related to a memory leak via the `MP4StringProperty` class in the mp4v2 library, which can be exploited by a remote attacker to cause a denial of service. The vulnerability is also associated with the `MP4BytesProperty` class and involves a buffer overflow when handling the `count` variable. **Recommendations** For mp4v2 version 2.1.3, consider restricting access to the `MP4StringProperty` and `MP4BytesProperty` classes until a patch is available. As a temporary workaround, avoid using the `count` variable in the affected classes to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.