Vulnerabilities > Bento4 > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-09-21 | CVE-2017-14645 | Out-of-bounds Read vulnerability in Bento4 1.5.0617 A heap-based buffer over-read was discovered in AP4_BitStream::ReadBytes in Codecs/Ap4BitStream.cpp in Bento4 version 1.5.0-617. | 6.5 |
| 2017-09-21 | CVE-2017-14643 | Out-of-bounds Read vulnerability in Bento4 1.5.0617 The AP4_HdlrAtom class in Core/Ap4HdlrAtom.cpp in Bento4 version 1.5.0-617 uses an incorrect character data type, leading to a heap-based buffer over-read and application crash in AP4_BytesToUInt32BE in Core/Ap4Utils.h. | 6.5 |
| 2017-09-21 | CVE-2017-14642 | NULL Pointer Dereference vulnerability in Bento4 1.5.0617 A NULL pointer dereference was discovered in the AP4_HdlrAtom class in Bento4 version 1.5.0-617. | 6.5 |
| 2017-09-21 | CVE-2017-14641 | NULL Pointer Dereference vulnerability in Bento4 1.5.0617 A NULL pointer dereference was discovered in the AP4_DataAtom class in MetaData/Ap4MetaData.cpp in Bento4 version 1.5.0-617. | 6.5 |
| 2017-09-21 | CVE-2017-14640 | NULL Pointer Dereference vulnerability in Bento4 1.5.0617 A NULL pointer dereference was discovered in AP4_AtomSampleTable::GetSample in Core/Ap4AtomSampleTable.cpp in Bento4 version 1.5.0-617. | 6.5 |
| 2017-09-21 | CVE-2017-14638 | NULL Pointer Dereference vulnerability in Bento4 1.5.0617 AP4_AtomFactory::CreateAtomFromStream in Core/Ap4AtomFactory.cpp in Bento4 version 1.5.0-617 has missing NULL checks, leading to a NULL pointer dereference, segmentation fault, and application crash in AP4_Atom::SetType in Core/Ap4Atom.h. | 6.5 |
| 2017-09-06 | CVE-2017-12476 | NULL Pointer Dereference vulnerability in Bento4 The AP4_AvccAtom::InspectFields function in Core/Ap4AvccAtom.cpp in Bento4 mp4dump before 1.5.0-616 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted mp4 file. | 5.5 |
| 2017-09-06 | CVE-2017-12474 | NULL Pointer Dereference vulnerability in Bento4 The AP4_AtomSampleTable::GetSample function in Core/Ap4AtomSampleTable.cpp in Bento4 mp42ts before 1.5.0-616 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted mp4 file. | 5.5 |