Heap Overflow Vulnerability in Bento4 Media Framework
CVE-2024-30806

Currently unrated

Key Information:

Vendor: Axiomatic Systems
Status: Bento4
Vendor: CVE Published:; 2 April 2024

🔔 Create Axiomatic Systems Vulnerability Alert

What is CVE-2024-30806?

A vulnerability in the Bento4 media framework has been identified, stemming from a heap overflow in the AP4_Dec3Atom class, specifically at the location of Ap4Dec3Atom.cpp. This flaw can result in a Denial of Service (DoS), potentially disrupting media processing functionalities. The issue has been demonstrated through specific test cases such as mp42aac, highlighting the need for prompt remediation to secure systems employing this media processing library.

References

https://github.com/axiomatic-systems/Bento4/issues/914

https://github.com/zhangteng0526/CVE-information/blob/mai...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 2, 2024