Mastersop

**Name of the Vulnerable Software and Affected Versions** Exiv2 version 0.27 **Description** A problem has been discovered that allows an attacker to cause a Denial of Service or possibly have other unspecified impacts. This issue is triggered by a crafted file, leading to infinite recursion at `Exiv2::Image::printTiffStructure` in the `image.cpp` file. **Recommendations** For Exiv2 version 0.27, consider avoiding the use of crafted files that may trigger the infinite recursion at `Exiv2::Image::printTiffStructure` until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Tcpreplay version 4.3.1 **Description** The issue is related to a NULL pointer dereference in the `get layer4 v6()` function, located in the get.c file. This can be triggered by sending a crafted pcap file to the `tcpreplay-edit` binary, allowing an attacker to cause a Denial of Service (Segmentation fault) or possibly have unspecified other impact. **Recommendations** For Tcpreplay version 4.3.1, consider avoiding the use of crafted pcap files with the `tcpreplay-edit` binary until a patch is available. As a temporary workaround, restrict access to the `get layer4 v6()` function to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Tcpreplay version 4.3.1 **Description** An issue was discovered in the function `get ipv6 l4proto()` located at `get.c`, which can be triggered by sending a crafted pcap file to the `tcpreplay-edit` binary. This can cause a NULL pointer dereference, allowing an attacker to cause a Denial of Service (Segmentation fault) or possibly have unspecified other impact. **Recommendations** For Tcpreplay version 4.3.1, consider avoiding the use of crafted pcap files with the `tcpreplay-edit` binary until a patch is available. As a temporary workaround, restrict access to the `get ipv6 l4proto()` function to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Tcpreplay version 4.3.1 **Description** An issue in the `do checksum` function in `checksum.c` can be triggered by sending a crafted pcap file to the `tcpreplay-edit` binary, causing an invalid memory access. This can lead to a Denial of Service (Segmentation fault) or possibly have other unspecified impacts. **Recommendations** For Tcpreplay version 4.3.1, consider avoiding the use of crafted pcap files with the `tcpreplay-edit` binary until a fix is available. As a temporary workaround, restrict access to the `tcpreplay-edit` binary to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Bento4 version 1.5.1-628 **Description** A NULL pointer dereference issue occurs in the `AP4 List:Find` function, located in `Core/Ap4List.h`, when called from `Core/Ap4Movie.cpp`. This can be triggered by sending a crafted file to the `mp4dump` binary, allowing an attacker to cause a Denial of Service (Segmentation fault) or possibly have other unspecified impacts. **Recommendations** For Bento4 version 1.5.1-628, as a temporary workaround, consider restricting the use of the `mp4dump` binary until a patch is available. Additionally, avoid processing crafted or untrusted files with the affected binary to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** Tcpreplay version 4.3.0 beta1 **Description** The issue is related to a heap-based buffer over-read in the `get next packet()` function, located in the send packets.c file. This function uses `memcpy()` unsafely to copy sequences from the source buffer `pktdata` to the destination `(*prev packet)->pktdata`. As a result, this can lead to a Denial of Service (DoS) and potentially Information Exposure when the application attempts to process a file. **Recommendations** For Tcpreplay version 4.3.0 beta1, consider disabling the `get next packet()` function as a temporary workaround until a patch is available. Restrict access to files that may trigger the buffer over-read to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.