PT-2019-18708 · Axiomatic Systems · Bento4

Wcventure

Published

2019-02-10

Updated

2020-08-24

CVE-2019-7698

CVSS v3.1

6.5

Medium

Vector

AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Bento4 version 1.5.1-627

Description An issue was discovered in the AP4 Array function, which can be triggered by crafted MP4 input, leading to an attempt at excessive memory allocation. This issue is related to a previously known problem.

Recommendations For Bento4 version 1.5.1-627, consider updating to a newer version that addresses this issue, as the current version may be prone to excessive memory allocation attempts when processing crafted MP4 input. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Allocation of Resources Without Limits

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-770

Related Identifiers

CVE-2019-7698

Affected Products

Bento4

PT-2019-18708 · Axiomatic Systems · Bento4

CVE-2019-7698

Weakness Enumeration

Related Identifiers

Affected Products

References · 6