Zhanggenexop

**Nome do software vulnerável e versões afetadas: Bento4 versão 1.5.1.0 Descrição: Foi descoberta uma falha no Bento4, levando a um estouro de buffer de heap em `AP4 Dec3Atom::AP4 Dec3Atom` no arquivo `Ap4Dec3Atom.cpp`. Isso resulta em uma negação de serviço, fazendo com que o programa trave, conforme demonstrado pelo `mp42aac`. Recomendações: Para o Bento4 versão 1.5.1.0, considere desativar a função `AP4 Dec3Atom::AP4 Dec3Atom` até que um patch esteja disponível para evitar o estouro de buffer de heap. No momento, não há informações sobre uma versão mais recente que contenha uma correção para essa vulnerabilidade.

**Name of the Vulnerable Software and Affected Versions** Bento4 version 1.5.1.0 **Description** A heap-based buffer over-read issue was discovered in the function `AP4 BitReader::SkipBits` at `Core/Ap4Utils.cpp`. **Recommendations** For Bento4 version 1.5.1.0, at the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** Bento4 version 1.5.1.0 **Description** A heap-based buffer overflow issue was found in the AP4 RtpAtom class at Core/Ap4RtpAtom.cpp. **Recommendations** For Bento4 version 1.5.1.0, at the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** Bento4 version 1.5.1.0 **Description** A heap-based buffer over-read issue was discovered in the AP4 Dec3Atom class at Core/Ap4Dec3Atom.cpp. **Recommendations** For Bento4 version 1.5.1.0, at the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** Bento4 version 1.5.1.0 **Description** A heap-based buffer over-read issue was discovered in the AP4 AvccAtom class at Core/Ap4AvccAtom.cpp. **Recommendations** For Bento4 version 1.5.1.0, at the moment, there is no information about a newer version that contains a fix for this issue.