PT-2021-10777 · Gpac · Gpac
Gutiniaoo
·
Published
2021-10-12
·
Updated
2021-10-18
·
CVE-2020-22674
CVSS v3.1
5.5
Medium
| Vector | AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
gpac version 0.8.0
Description
An issue exists in the function
FixTrackID located in isom intern.c, which allows attackers to cause a denial of service (DoS) via a crafted input. This is due to an invalid memory dereference.Recommendations
For gpac version 0.8.0, consider disabling the
FixTrackID function as a temporary workaround until a patch is available. Restrict access to the isom intern.c file to minimize the risk of exploitation. Avoid using crafted inputs that may trigger the denial of service.Exploit
Fix
NULL Pointer Dereference
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Gpac