Vulnerabilities > CVE-2020-23912 - NULL Pointer Dereference vulnerability in Axiosys Bento4

047910
CVSS 5.5 - MEDIUM
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
HIGH
local
low complexity
axiosys
CWE-476
NVD
Published: 2021-04-21
Updated: 2021-04-26

Summary

An issue was discovered in Bento4 through v1.6.0-637. A NULL pointer dereference exists in the function AP4_StszAtom::GetSampleSize() located in Ap4StszAtom.cpp. It allows an attacker to cause Denial of Service.

Vulnerable Configurations

Part Description Count
Application
Axiosys
53

Common Weakness Enumeration (CWE)

References