CVE-2021-31254

Опубликовано: 19 апр. 2021

Источник: debian

Описание

Buffer overflow in the tenc_box_read function in MP4Box in GPAC 1.0.1 allows attackers to cause a denial of service or execute arbitrary code via a crafted file, related invalid IV sizes.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
gpac	not-affected			package

Примечания

https://github.com/gpac/gpac/commit/8986422c21fbd9a7bf6561cae65aae42077447e8
https://github.com/gpac/gpac/issues/1703
Introduced in https://github.com/gpac/gpac/commit/f966d85ee940b0a19dbbe972bc9ff042a98d7264 (after v1.0.1)

Связанные уязвимости

CVE-2021-31254

CVSS3: 7.8

ubuntu

почти 5 лет назад

Buffer overflow in the tenc_box_read function in MP4Box in GPAC 1.0.1 allows attackers to cause a denial of service or execute arbitrary code via a crafted file, related invalid IV sizes.

CVE-2021-31254

CVSS3: 7.8

nvd

почти 5 лет назад

Buffer overflow in the tenc_box_read function in MP4Box in GPAC 1.0.1 allows attackers to cause a denial of service or execute arbitrary code via a crafted file, related invalid IV sizes.

GHSA-jmf2-q3j2-999x

github

больше 3 лет назад

Buffer overflow in the tenc_box_read function in MP4Box in GPAC 1.0.1 allows attackers to cause a denial of service or execute arbitrary code via a crafted file, related invalid IV sizes.