Buffer Overflow Vulnerability in GPAC MP4Box Affects Multiple Versions
CVE-2018-1000100

7.8HIGH

Key Information:

Vendor

Gpac Project

Status
Gpac
Vendor
CVE Published:
6 March 2018

What is CVE-2018-1000100?

The GPAC MP4Box tool, specifically versions up to and including 0.7.1, is vulnerable to a buffer overflow in the avc_ext.c source file. This vulnerability allows an attacker to craft a malicious MP4 file that, when processed by an unsuspecting user, can lead to modification of heap chunks. If successfully exploited, this may enable remote code execution on the victim's system. Users are advised to avoid processing untrusted MP4 files and to apply patches as soon as they are available to mitigate potential risks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://github.com/gpac/gpac/issues/994
x_refsource_MISC
https://usn.ubuntu.com/3926-1/
vendor-advisoryx_refsource_UBUNTU

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.