PT-2020-6628 · Gpac · Gpac
Published
2020-05-12
·
Updated
2021-09-29
·
CVE-2020-23266
CVSS v2.0
7.8
High
| Vector | AV:N/AC:L/Au:N/C:N/I:N/A:C |
Name of the Vulnerable Software and Affected Versions
GPAC version 0.8.0
Description
The issue is related to a heap-based buffer overflow in the OD ReadUTF8String function of the odf code.c component in the GPAC multimedia platform. This can be exploited by a remote attacker using a specially crafted media file, leading to a denial of service. The
OD ReadUTF8String function is vulnerable due to its handling of buffer boundaries.Recommendations
For GPAC version 0.8.0, consider disabling the
OD ReadUTF8String function as a temporary workaround until a patch is available to prevent potential exploitation.Exploit
Fix
Memory Corruption
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Gpac