CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-3784 – Axiomatic Bento4 mp4hls Ap4Mp4AudioInfo.cpp ReadBits heap-based overflow
https://notcve.org/view.php?id=CVE-2022-3784
A vulnerability classified as critical was found in Axiomatic Bento4 5e7bb34. Affected by this vulnerability is the function AP4_Mp4AudioDsiParser::ReadBits of the file Ap4Mp4AudioInfo.cpp of the component mp4hls. The manipulation leads to heap-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. • https://github.com/axiomatic-systems/Bento4/files/9849116/mp42hls_ReadBits_Ap4Mp4AudioInfo66.zip https://github.com/axiomatic-systems/Bento4/issues/806 https://vuldb.com/?id.212563 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 2CVE-2022-3785 – Axiomatic Bento4 Avcinfo SetDataSize heap-based overflow
https://notcve.org/view.php?id=CVE-2022-3785
A vulnerability, which was classified as critical, has been found in Axiomatic Bento4. Affected by this issue is the function AP4_DataBuffer::SetDataSize of the component Avcinfo. The manipulation leads to heap-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. • https://github.com/axiomatic-systems/Bento4/files/9658653/POC_avcinfo_15644345.zip https://github.com/axiomatic-systems/Bento4/issues/780 https://vuldb.com/?id.212564 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 2CVE-2022-3667 – Axiomatic Bento4 mp42aac Ap4ByteStream.cpp WritePartial heap-based overflow
https://notcve.org/view.php?id=CVE-2022-3667
A vulnerability, which was classified as critical, was found in Axiomatic Bento4. This affects the function AP4_MemoryByteStream::WritePartial of the file Ap4ByteStream.cpp of the component mp42aac. The manipulation leads to heap-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. • https://github.com/17ssDP/fuzzer_crashes/blob/main/Bento4/mp42aac-hbo-01 https://github.com/axiomatic-systems/Bento4/issues/789 https://vuldb.com/?id.212007 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 2CVE-2022-3670 – Axiomatic Bento4 mp42hevc WriteSample heap-based overflow
https://notcve.org/view.php?id=CVE-2022-3670
A vulnerability was found in Axiomatic Bento4. It has been classified as critical. Affected is the function WriteSample of the component mp42hevc. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack remotely. • https://github.com/axiomatic-systems/Bento4/files/9675049/Bug_3_POC.zip https://github.com/axiomatic-systems/Bento4/issues/776 https://vuldb.com/?id.212010 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 2CVE-2022-3664 – Axiomatic Bento4 avcinfo Ap4BitStream.cpp WriteBytes heap-based overflow
https://notcve.org/view.php?id=CVE-2022-3664
A vulnerability classified as critical has been found in Axiomatic Bento4. Affected is the function AP4_BitStream::WriteBytes of the file Ap4BitStream.cpp of the component avcinfo. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. • https://github.com/axiomatic-systems/Bento4/files/9746288/avcinfo_poc1.zip https://github.com/axiomatic-systems/Bento4/issues/794 https://vuldb.com/?id.212004 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •