G2Fuzz

**Name of the Vulnerable Software and Affected Versions** Bento4 mp42avc version 3bdc891602d19789b8e8626e4a3e613a937b4d35 **Description** The issue is a buffer overflow vulnerability that allows a local attacker to execute arbitrary code via the `AP4 File::ParseStream` and related functions. This vulnerability can be exploited by a local attacker. **Recommendations** For Bento4 mp42avc version 3bdc891602d19789b8e8626e4a3e613a937b4d35, consider disabling the `AP4 File::ParseStream` function and related functions until a patch is available. Restrict access to the vulnerable functions to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Bento4 mp42avc version 3bdc891602d19789b8e8626e4a3e613a937b4d35 **Description** The issue allows a local attacker to execute arbitrary code via the `AP4 MemoryByteStream::WritePartial` function. This is a buffer overflow vulnerability. **Recommendations** For Bento4 mp42avc version 3bdc891602d19789b8e8626e4a3e613a937b4d35, as a temporary workaround, consider disabling the `AP4 MemoryByteStream::WritePartial` function until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Bento4 (affected versions not specified) **Description** A floating-point exception (FPE) vulnerability exists in the AP4 TfraAtom::AP4 TfraAtom function. This issue may be related to the handling of floating-point operations within the specified function. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.