Gpac · Gpac · CVE-2024-57184
**Name of the Vulnerable Software and Affected Versions**
GPAC version 0.8.0
**Description**
The issue is a heap-based buffer overflow in the `gf_m2ts_process_pmt` function in `media_tools/mpegts.c:2163`, which can cause a denial of service (DoS) via a crafted MP4 file. It can be exploited when MP4Box processes a specially crafted MP4 file.
**Recommendations**
For GPAC version 0.8.0, as a temporary workaround, consider disabling the `gf_m2ts_process_pmt` function until a patch is available. Restrict access to the `media_tools/mpegts.c` module to minimize the risk of exploitation. Avoid using MP4Box to process untrusted MP4 files until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.