Page 44 of 312 results (0.011 seconds)

CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 1

An exploitable integer overflow vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input used to process an atom using the “saio” FOURCC code cause an integer overflow due to unchecked arithmetic resulting in a heap-based buffer overflow that causes memory corruption. An attacker can convince a user to open a video to trigger this vulnerability. Se presenta una vulnerabilidad de desbordamiento de enteros explotable dentro de la funcionalidad MPEG-4 decoding de GPAC Project on Advanced Content library versión v1.0.1. Una entrada MPEG-4 especialmente diseñada para procesar un átomo usando el código FOURCC "saio" causa un desbordamiento de enteros debido a una aritmética no comprobada, resultando en un desbordamiento del búfer en la región heap de la memoria que causa una corrupción de la memoria. • https://talosintelligence.com/vulnerability_reports/TALOS-2021-1297 https://www.debian.org/security/2021/dsa-4966 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-680: Integer Overflow to Buffer Overflow •

CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 1

An exploitable integer overflow vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input using the “ctts” FOURCC code can cause an integer overflow due to unchecked arithmetic resulting in a heap-based buffer overflow that causes memory corruption. An attacker can convince a user to open a video to trigger this vulnerability. Se presenta una vulnerabilidad de desbordamiento de enteros explotable dentro de la funcionalidad MPEG-4 decoding de GPAC Project on Advanced Content library versión v1.0.1. Una entrada MPEG-4 especialmente diseñada que utilice el código FOURCC "ctts" puede causar un desbordamiento de enteros debido a una aritmética no comprobada, resultando en un desbordamiento del búfer en la región heap de la memoria que causa una corrupción de la memoria. • https://talosintelligence.com/vulnerability_reports/TALOS-2021-1297 https://www.debian.org/security/2021/dsa-4966 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-680: Integer Overflow to Buffer Overflow •

CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 1

An exploitable integer overflow vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input when decoding the atom for the “co64” FOURCC can cause an integer overflow due to unchecked arithmetic resulting in a heap-based buffer overflow that causes memory corruption. An attacker can convince a user to open a video to trigger this vulnerability. Se presenta una vulnerabilidad de desbordamiento de enteros explotable dentro de la funcionalidad MPEG-4 decoding de GPAC Project on Advanced Content library versión v1.0.1. Una entrada MPEG-4 especialmente diseñada cuando se decodifica el átomo para el FOURCC "co64" puede causar un desbordamiento de enteros debido a una aritmética no comprobada, resultando en un desbordamiento de búfer en la región heap de la memoria que causa una corrupción de la memoria. • https://talosintelligence.com/vulnerability_reports/TALOS-2021-1297 https://www.debian.org/security/2021/dsa-4966 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-680: Integer Overflow to Buffer Overflow •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1

An exploitable integer overflow vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input when decoding the atom associated with the “csgp” FOURCC can cause an integer overflow due to unchecked arithmetic resulting in a heap-based buffer overflow that causes memory corruption. An attacker can convince a user to open a video to trigger this vulnerability. Se presenta una vulnerabilidad de desbordamiento de enteros explotable dentro de la funcionalidad MPEG-4 decoding de GPAC Project on Advanced Content library versión v1.0.1. Una entrada MPEG-4 especialmente diseñada cuando se decodifica el átomo asociado con el FOURCC "csgp" puede causar un desbordamiento de enteros debido a una aritmética no comprobada, resultando en un desbordamiento de búfer en la región heap de la memoria que causa una corrupción de la memoria. • https://talosintelligence.com/vulnerability_reports/TALOS-2021-1297 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-680: Integer Overflow to Buffer Overflow •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1

Multiple exploitable integer truncation vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input can cause an improper memory allocation resulting in a heap-based buffer overflow that causes memory corruption The implementation of the parser used for the “Xtra” FOURCC code is handled. An attacker can convince a user to open a video to trigger this vulnerability. Se presenta una vulnerabilidad de deserialización no segura en la funcionalidad ObjectManager.plugin ProfileInformation.ProfileData de CODESYS GmbH CODESYS Development System versiones 3.5.16 y 3.5.17. Un archivo especialmente diseñado puede conllevar a una ejecución arbitraria de comandos. • https://talosintelligence.com/vulnerability_reports/TALOS-2021-1298 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-680: Integer Overflow to Buffer Overflow •