CVE-2017-14258

Name of the Vulnerable Software and Affected Versions Bento4 version 1.5.0-616

Description The issue is related to a Write Memory Access Violation vulnerability in the SetItemCount function within the Core/Ap4StscAtom.h file of the Bento4 SDK. This vulnerability can be exploited by opening a specially crafted .MP4 file, potentially allowing the execution of arbitrary code.

Recommendations For Bento4 version 1.5.0-616, consider avoiding the use of the SetItemCount function in the Core/Ap4StscAtom.h file until a patch is available. As a temporary workaround, restrict the opening of .MP4 files from untrusted sources to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.