CVE-2019-12483

gpac/gpac

on github

Published

May 30, 2019

Severity

CVSS v3:

7.8 HIGH

CVSS v2:

6.8 MEDIUM

Description

An issue was discovered in GPAC 0.7.1. There is a heap-based buffer overflow in the function ReadGF_IPMPX_RemoveToolNotificationListener in odf/ipmpx_code.c in libgpac.a, as demonstrated by MP4Box.

References

https://github.com/gpac/gpac/issues/1249
https://lists.debian.org/debian-lts-announce/2019/06/msg00030.html

Configurations

CPE23	Version Start	Version End	Exact Version
cpe:2.3:a:gpac:gpac:0.7.1:::::::*	n/a	n/a	0.7.1

External Links

NVD - CVE-2019-12483