Vulnerabilities > CVE-2024-31004 - Unspecified vulnerability in Axiosys Bento4 1.6.0641

CVSS 9.8 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

axiosys

critical

NVD

Published: 2024-04-02

Updated: 2025-02-27

Summary

An issue in Bento4 Bento v.1.6.0-641 allows a remote attacker to execute arbitrary code via the Ap4StsdAtom.cpp,AP4_StsdAtom::AP4_StsdAtom,mp4fragment.

Vulnerable Configurations

Part	Description	Count
Application	Axiosys Axiosys Bento4 1.6.0-641	1

References

https://github.com/axiomatic-systems/Bento4/issues/941
https://github.com/axiomatic-systems/Bento4/issues/941
https://github.com/zhangteng0526/CVE-information/blob/main/CVE-2024-31004
https://github.com/zhangteng0526/CVE-information/blob/main/CVE-2024-31004