Derekxco

**Name of the Vulnerable Software and Affected Versions** Bento4 version 1.6.0-639 **Description** A segmentation violation was discovered in Bento4 via the `AP4 Processor::ProcessFragments` function in `mp4encrypt`. **Recommendations** For Bento4 version 1.6.0-639, consider disabling the `AP4 Processor::ProcessFragments` function as a temporary workaround until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Axiomatic Bento4 (affected versions not specified) **Description** A critical issue has been found in Axiomatic Bento4, affecting the function `AP4 DataBuffer::SetDataSize` of the `Avcinfo` component. This issue leads to a heap-based buffer overflow. The attack can be launched remotely. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Bento4 version 1.6.0-639 **Description** A memory leak was discovered in Bento4 via the `AP4 Processor::Process` function in the mp4encrypt binary. **Recommendations** For version 1.6.0-639, consider restricting the use of the `AP4 Processor::Process` function until a patch is available.