Skip to main content

Bento4 CVE-2018-13847

HIGH
Buffer Overflow (CWE-119)
2018-07-10 cve@mitre.org
7.5
CVSS 3.0 · NVD
Share

Severity by source

NVD PRIMARY
7.5 HIGH
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

1
CVE Published
Jul 10, 2018 - 18:29 nvd
HIGH 7.5

DescriptionNVD

An issue has been found in Bento4 1.5.1-624. It is a SEGV in AP4_StcoAtom::AdjustChunkOffsets in Core/Ap4StcoAtom.cpp.

AnalysisAI

An issue has been found in Bento4 1.5.1-624. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified as Buffer Overflow (CWE-119), which allows attackers to corrupt memory to execute arbitrary code or crash the application. An issue has been found in Bento4 1.5.1-624. It is a SEGV in AP4_StcoAtom::AdjustChunkOffsets in Core/Ap4StcoAtom.cpp. Affected products include: Axiosys Bento4.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Use memory-safe languages or bounds-checking. Enable ASLR, DEP/NX, stack canaries. Use safe string functions.

More in Bento4

View all
CVE-2024-31004 CRITICAL POC
9.8 Apr 02

An issue in Bento4 Bento v.1.6.0-641 allows a remote attacker to execute arbitrary code via the Ap4StsdAtom.cpp,AP4_Stsd

CVE-2024-31002 CRITICAL POC
9.8 Apr 02

Buffer Overflow vulnerability in Bento4 Bento v.1.6.0-641 allows a remote attacker to execute arbitrary code via the AP4

CVE-2018-14531 CRITICAL POC
9.8 Jul 23

An issue was discovered in Bento4 1.5.1-624. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploita

CVE-2017-14639 HIGH POC
8.8 Sep 21

AP4_VisualSampleEntry::ReadFields in Core/Ap4SampleEntry.cpp in Bento4 1.5.0-617 uses incorrect character data types, wh

CVE-2017-14644 HIGH POC
8.8 Sep 21

A heap-based buffer overflow was discovered in the AP4_HdlrAtom class in Bento4 1.5.0-617. Rated high severity (CVSS 8.8

CVE-2024-31003 HIGH POC
8.8 Apr 02

Buffer Overflow vulnerability in Bento4 Bento v.1.6.0-641 allows a remote attacker to execute arbitrary code via the AP4

CVE-2022-4584 HIGH POC
8.8 Dec 17

A vulnerability was found in Axiomatic Bento4 up to 1.6.0-639. Rated high severity (CVSS 8.8), this vulnerability is rem

CVE-2022-3974 HIGH POC
8.8 Nov 13

A vulnerability classified as critical was found in Axiomatic Bento4. Rated high severity (CVSS 8.8), this vulnerability

CVE-2022-41430 HIGH POC
8.8 Oct 03

Bento4 v1.6.0-639 was discovered to contain a heap overflow via the AP4_BitReader::ReadBit function in mp4mux. Rated hig

CVE-2022-41429 HIGH POC
8.8 Oct 03

Bento4 v1.6.0-639 was discovered to contain a heap overflow via the AP4_Atom::TypeFromString function in mp4tag. Rated h

CVE-2022-41428 HIGH POC
8.8 Oct 03

Bento4 v1.6.0-639 was discovered to contain a heap overflow via the AP4_BitReader::ReadBits function in mp4mux. Rated hi

CVE-2021-32265 HIGH POC
8.8 Sep 20

An issue was discovered in Bento4 through v1.6.0-637. Rated high severity (CVSS 8.8), this vulnerability is remotely exp

Share

CVE-2018-13847 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy