CVE-2017-14257

Name of the Vulnerable Software and Affected Versions Bento4 version 1.5.0-616

Description The issue is related to a Read Memory Access Violation in the AP4 AtomSampleTable::GetSample function, located in Core/Ap4AtomSampleTable.cpp. This can be exploited by opening a specially crafted .MP4 file.

Recommendations For Bento4 version 1.5.0-616, consider avoiding the use of the AP4 AtomSampleTable::GetSample function until a patch is available. As a temporary workaround, restrict the opening of .MP4 files from untrusted sources to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.