CVE-2017-14258

Published September 11th, 2017

View on NVD ↗

CVSS v3

N/A

CVSS v2

6.8

MEDIUM

Affected

PROJECT

Description

In the SDK in Bento4 1.5.0-616, SetItemCount in Core/Ap4StscAtom.h file contains a Write Memory Access Violation vulnerability. It is possible to exploit this vulnerability and possibly execute arbitrary code by opening a crafted .MP4 file.

axiomatic-systems/Bento4

Full-featured MP4 format, MPEG DASH, HLS, CMAF SDK and tools

GitHub

2.45K