A4865Go

**Name of the Vulnerable Software and Affected Versions** Bento4 MP4Dump version 1.2 **Description** A segmentation violation was discovered in Bento4 MP4Dump via an unknown address at /Source/C++/Core/Ap4DataBuffer.cpp:175. **Recommendations** For version 1.2, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Bento4 version 1.2 **Description** An issue was discovered in the allocator, which runs out of memory in the /Source/C++/Core/Ap4Array.h file. **Recommendations** For Bento4 version 1.2, at the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** Bento4 version 1.2 **Description** An issue was discovered in the software, specifically an allocation size request error in the /Ap4RtpAtom.cpp file. **Recommendations** For Bento4 version 1.2, at the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** libsixel versions prior to 1.10 **Description** The issue is related to a Buffer Overflow in the libsixel/src/quant.c file at line 867. This is a general information about the problem, and no specific details about the number of potentially affected devices or real-world incidents are provided. **Recommendations** For versions prior to 1.10, update to version 1.10 or later to resolve the issue. As a temporary workaround, consider restricting access to the `quant.c` file until a patch is available.

**Name of the Vulnerable Software and Affected Versions** libsixel version 1.8.6 **Description** The issue is a Heap Use After Free vulnerability. It is located in libsixel/src/dither.c:388. **Recommendations** For libsixel version 1.8.6, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** libsixel version 1.10.0 **Description** The issue is related to a use after free error in the libsixel/src/dither.c file at line 379. This error occurs when the program attempts to access memory that has already been freed, potentially leading to unexpected behavior or crashes. **Recommendations** For libsixel version 1.10.0, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** libsixel version 1.8.6 **Description** The issue is related to a Buffer Overflow in the libsixel/src/quant.c file at line 876. This is a general information about the problem, but specific details about the estimated number of potentially affected devices worldwide or real-world incidents where this issue was exploited are not provided. **Recommendations** For libsixel version 1.8.6, at the moment, there is no information about a newer version that contains a fix for this vulnerability.