CVE-2025-0870

Medium CVSS: 6.3

A vulnerability was found in Axiomatic Bento4 up to 1.6.0-641. It has been rated as critical. Affected by this issue is the function AP4_DataBuffer::GetData in the library Ap4DataBuffer.h. The manipulation leads to heap-based buffer overflow. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available.

Vendor

Axiosys

Product

Bento4

CWE

CWE-119

Yayın Tarihi

2025-01-30 13:15:10

Güncelleme

2025-02-28 22:25:57

Source Identifier

cna@vuldb.com

KEV Date Added

Kategoriler

CWE-119 Bento4 MEDIUM Axiosys 2025

Referanslar

https://github.com/axiomatic-systems/Bento4/issues/980 https://github.com/user-attachments/files/16929290/Bug2.zip https://vuldb.com/?ctiid.294056 https://vuldb.com/?id.294056

Benzer Kayıtlar

Medium

CVE-2025-8537

A vulnerability, which was classified as problematic, was found in Axiomatic Bento4 up to 1.6.0-641. Affected is the fun…

Medium

CVE-2025-25942

An issue in Bento4 v1.6.0-641 allows an attacker to obtain sensitive information via the the mp4fragment tool when proce…

High

CVE-2025-25943

Buffer Overflow vulnerability in Bento4 v.1.6.0-641 allows a local attacker to execute arbitrary code via the AP4_Stz2At…

High

CVE-2025-25944

Buffer Overflow vulnerability in Bento4 v.1.6.0-641 allows a local attacker to execute arbitrary code via the Ap4RtpAtom…

Medium

CVE-2025-25945

An issue in Bento4 v1.6.0-641 allows an attacker to obtain sensitive information via the the Mp4Fragment.cpp and in AP4_…

Medium

CVE-2025-25946

An issue in Bento4 v1.6.0-641 allows an attacker to cause a memory leak via Ap4Marlin.cpp and Ap4Processor.cpp, specific…