Memory Leak Vulnerability in MP4Box by GPAC
CVE-2023-47384

5.5MEDIUM

Key Information:

Vendor: Gpac
Status: Gpac
Vendor: CVE Published:; 14 November 2023

What is CVE-2023-47384?

A vulnerability has been identified in MP4Box by GPAC, which allows attackers to exploit a memory leak in the function gf_isom_add_chapter located in isomedia/isom_write.c. This flaw can be triggered through specially crafted MP4 files, leading to potential Denial of Service (DoS) conditions, which can disrupt the normal function of applications that utilize this media processing software.

References

https://github.com/gpac/gpac/issues/2672

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 14, 2023
Vulnerability Reserved
Nov 6, 2023

Gpac

What is CVE-2023-47384?

References

CVSS V3.1

Timeline