CVE-2018-5253

Name of the Vulnerable Software and Affected Versions Bento4 version 1.5.1.0

Description The issue is related to an infinite loop in the AP4 FtypAtom class, which can be triggered by a crafted MP4 file. This occurs due to size mishandling in the Core/Ap4FtypAtom.cpp component of Bento4.

Recommendations For Bento4 version 1.5.1.0, consider avoiding the use of crafted MP4 files that may trigger the infinite loop until a patch is available. As a temporary workaround, restrict the processing of MP4 files to minimize the risk of exploitation.