CVE-2025-25942

Medium CVSS: 6.5

An issue in Bento4 v1.6.0-641 allows an attacker to obtain sensitive information via the the mp4fragment tool when processing invalid files. Specifically, memory allocated in SampleArray::SampleArray in Mp4Fragment.cpp is not properly released.

Vendor

Axiosys

Product

Bento4

CWE

CWE-200

Yayın Tarihi

2025-02-19 23:15:15

Güncelleme

2025-05-13 14:02:13

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-200 Bento4 MEDIUM Axiosys 2025

Referanslar

https://github.com/axiomatic-systems/Bento4/issues/993

Benzer Kayıtlar

Medium

CVE-2025-8537

A vulnerability, which was classified as problematic, was found in Axiomatic Bento4 up to 1.6.0-641. Affected is the fun…

High

CVE-2025-25943

Buffer Overflow vulnerability in Bento4 v.1.6.0-641 allows a local attacker to execute arbitrary code via the AP4_Stz2At…

High

CVE-2025-25944

Buffer Overflow vulnerability in Bento4 v.1.6.0-641 allows a local attacker to execute arbitrary code via the Ap4RtpAtom…

Medium

CVE-2025-25945

An issue in Bento4 v1.6.0-641 allows an attacker to obtain sensitive information via the the Mp4Fragment.cpp and in AP4_…

Medium

CVE-2025-25946

An issue in Bento4 v1.6.0-641 allows an attacker to cause a memory leak via Ap4Marlin.cpp and Ap4Processor.cpp, specific…

Medium

CVE-2025-25947

An issue in Bento4 v1.6.0-641 allows an attacker to trigger a segmentation fault via Ap4Atom.cpp, specifically in AP4_At…