Описание
Buffer overflow in the stbl_AppendSize function in MP4Box in GPAC 1.0.1 allows attackers to cause a denial of service or execute arbitrary code via a crafted file.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| gpac | fixed | 2.0.0+dfsg1-2 | package | |
| gpac | no-dsa | bullseye | package | |
| gpac | not-affected | buster | package | |
| gpac | not-affected | stretch | package |
Примечания
https://github.com/gpac/gpac/commit/77ed81c069e10b3861d88f72e1c6be1277ee7eae (v2.0.0)
https://github.com/gpac/gpac/issues/1774
Introduced by https://github.com/gpac/gpac/commit/51dadae6c790af3f639c4d9d660658b2848b51a0
The vulnerability affects operations on multiple samples, which rely on a change which was only introduced in 51dadae6c7
EPSS
Связанные уязвимости
Buffer overflow in the stbl_AppendSize function in MP4Box in GPAC 1.0.1 allows attackers to cause a denial of service or execute arbitrary code via a crafted file.
Buffer overflow in the stbl_AppendSize function in MP4Box in GPAC 1.0.1 allows attackers to cause a denial of service or execute arbitrary code via a crafted file.
Buffer overflow in the stbl_AppendSize function in MP4Box in GPAC 1.0.1 allows attackers to cause a denial of service or execute arbitrary code via a crafted file.
Уязвимость функции stbl_AppendSize команды MP4Box мультимедийной платформы GPAC, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
EPSS