Heap Buffer Overflow in GPAC Affects Multiple Versions of MP4Box
CVE-2023-46927

5.5MEDIUM

Key Information:

Vendor: Gpac
Status: Gpac
Vendor: CVE Published:; 1 November 2023

What is CVE-2023-46927?

A heap buffer overflow vulnerability exists in GPAC's MP4Box component. This issue arises in the function gf_isom_use_compact_size located in isom_write.c. When handling certain media files, improper handling of memory allocation can lead to memory corruption, potentially allowing an attacker to execute arbitrary code or cause application crashes. Users of GPAC, especially those using MP4Box, are advised to apply necessary updates and monitor security channels for patches addressing this vulnerability.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://github.com/gpac/gpac/issues/2657

https://github.com/gpac/gpac/commit/a7b467b151d9b54badbc4...

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Nov 1, 2023
Vulnerability Reserved
Oct 30, 2023

JSON

Gpac

What is CVE-2023-46927?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.