CVE-2024-28318

Name of the Vulnerable Software and Affected Versions gpac version 2.3-DEV-rev921-g422b78ecf-master

Description The issue is related to an out of boundary write vulnerability via the swf get string function at scene manager/swf parse.c:325. This vulnerability can be exploited by a remote attacker to gain access to confidential information. The vulnerability is associated with a buffer overflow in memory.

Recommendations For gpac version 2.3-DEV-rev921-g422b78ecf-master, consider disabling the swf get string function as a temporary workaround until a patch is available. Restrict access to the scene manager/swf parse.c module to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.