Song Jiaxuan

Name of the Vulnerable Software and Affected Versions: Ffmpeg versions v.n6.1-3-g466799d4f5 Description: The issue is related to a buffer overflow vulnerability in the config eq output function, located in the libavfilter/asrc afirsrc.c component. This vulnerability allows a local attacker to execute arbitrary code. The exploitation of this issue can enable an attacker to run arbitrary code, potentially leading to system compromise. Recommendations: For Ffmpeg version v.n6.1-3-g466799d4f5, consider disabling the config eq output function in the libavfilter/asrc afirsrc.c component as a temporary workaround until a patch is available. Restrict access to the vulnerable component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Ffmpeg version v.n6.1-3-g466799d4f5 Description: The issue is related to a buffer overflow in the `ff bwdif filter intra c` function, located in the `libavfilter/bwdifdsp.c` component. This allows an attacker to execute arbitrary code. The vulnerability is associated with uncontrolled copying of user data, which can be exploited by a remote attacker to achieve code execution. Recommendations: For Ffmpeg version v.n6.1-3-g466799d4f5, consider disabling the `ff bwdif filter intra c` function as a temporary workaround until a patch is available. Restrict access to the `libavfilter/bwdifdsp.c` component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Xpdf versions 4.05 and earlier **Description** The issue is an out-of-bounds array write in Xpdf, triggered by a negative object number in an indirect reference in the input PDF file. This occurs when the software processes a PDF file containing a negative object number, leading to an array write operation that exceeds the bounds of the allocated memory. **Recommendations** For Xpdf versions 4.05 and earlier, update to a version later than 4.05 to resolve the issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** gpac MP4Box version 2.3-DEV-rev573-g201320819-master **Description** The issue is caused by a buffer overflow in the `gf isom get user data()` function, which can be exploited by a local attacker to cause a denial of service. This buffer overflow vulnerability is located in the gpac/src/isomedia/isom read.c file at line 2807:51. **Recommendations** For gpac MP4Box version 2.3-DEV-rev573-g201320819-master, consider disabling the `gf isom get user data()` function as a temporary workaround until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** tsMuxer version git-2539d07 **Description** The issue is related to an alloc-dealloc-mismatch error, specifically due to the use of operator new [] vs operator delete. This error was discovered in tsMuxer. **Recommendations** For tsMuxer version git-2539d07, as a temporary workaround, consider restricting the use of the affected memory allocation functions until a patch is available. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** tsMuxer version git-2539d07 **Description** A memory leak in tsMuxer allows attackers to cause a Denial of Service (DoS) via a crafted MP4 file. **Recommendations** For tsMuxer version git-2539d07, consider updating to a newer version that contains a fix for this issue, as no specific workaround is provided for this version. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Gifsicle versions 1.92 through 1.94 **Description** The issue might allow a denial of service due to memory consumption if Gifsicle is deployed in a way that allows untrusted input to affect Gif Realloc calls. However, this has been disputed by multiple parties because the Gifsicle code is not commonly used for unattended operation and does not have realistic use cases in which an adversary controls the entire command line. A buffer overflow vulnerability via the `--crop` parameter in the command line parameters could also lead to a denial of service. **Recommendations** For Gifsicle versions 1.92 through 1.94, consider restricting the use of the `--crop` parameter in the command line to minimize the risk of exploitation. As a temporary workaround, avoid using Gifsicle in scenarios where untrusted input could affect Gif Realloc calls until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Vorbis-tools version 1.4.2 **Description** The issue is related to a Buffer Overflow vulnerability that allows a local attacker to execute arbitrary code and cause a denial of service during the conversion of wav files to ogg files. This occurs due to the possibility of writing beyond the boundaries of a buffer in memory. **Recommendations** For Vorbis-tools version 1.4.2, consider updating to a newer version that includes the upstream patch to fix the issue. As a temporary workaround, restrict the use of the conversion functionality from wav to ogg files until a patch is available.