Multiple vulnerabilities in axiomatic-systems Bento4
| Risk | High |
| Patch available | NO |
| Number of vulnerabilities | 10 |
| CVE-ID | CVE-2017-14638 CVE-2017-14639 CVE-2017-14640 CVE-2017-14641 CVE-2017-14642 CVE-2017-14643 CVE-2017-14644 CVE-2017-14645 CVE-2017-14646 CVE-2017-14647 |
| CWE-ID | CWE-476 CWE-843 CWE-125 CWE-787 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
Bento4 Universal components / Libraries / Libraries used by multiple products |
| Vendor | axiomatic-systems |
Security Bulletin
This security bulletin contains information about 10 vulnerabilities.
1) NULL pointer dereference
EUVDB-ID: #VU38216
Risk: Medium
CVSSv3.1: 6 [AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2017-14638
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error in Core/Ap4AtomFactory.cpp in Bento4 version 1.5.0-617 has missing NULL checks, leading to a NULL pointer dereference, segmentation fault, and application crash in AP4_Atom::SetType in Core/Ap4Atom.h. A remote attacker can perform a denial of service (DoS) attack.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsBento4: 1.5.0-617
External linkshttp://blogs.gentoo.org/ago/2017/09/14/bento4-null-pointer-dereference-in-ap4_atomsettype-ap4atom-h/
http://github.com/axiomatic-systems/Bento4/commit/be7185faf7f52674028977dcf501c6039ff03aa5
http://github.com/axiomatic-systems/Bento4/issues/182
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Type Confusion
EUVDB-ID: #VU38217
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-14639
CWE-ID:
CWE-843 - Type confusion
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to execute arbitrary code.
AP4_VisualSampleEntry::ReadFields in Core/Ap4SampleEntry.cpp in Bento4 1.5.0-617 uses incorrect character data types, which causes a stack-based buffer underflow and out-of-bounds write, leading to denial of service (application crash) or possibly unspecified other impact.
MitigationInstall update from vendor's website.
Vulnerable software versionsBento4: 1.5.0-617
External linkshttp://blogs.gentoo.org/ago/2017/09/14/bento4-stack-based-buffer-underflow-in-ap4_visualsampleentryreadfields-ap4sampleentry-cpp/
http://github.com/axiomatic-systems/Bento4/commit/03d1222ab9c2ce779cdf01bdb96cdd69cbdcfeda
http://github.com/axiomatic-systems/Bento4/issues/190
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) NULL pointer dereference
EUVDB-ID: #VU38218
Risk: Medium
CVSSv3.1: 6 [AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2017-14640
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error in AP4_AtomSampleTable::GetSample in Core/Ap4AtomSampleTable.cpp in Bento4 version 1.5.0-617. The vulnerability causes a segmentation fault and application crash, which leads to remote denial of service. A remote attacker can perform a denial of service (DoS) attack.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsBento4: 1.5.0-617
External linkshttp://blogs.gentoo.org/ago/2017/09/14/bento4-null-pointer-dereference-in-ap4_atomsampletablegetsample-ap4atomsampletable-cpp/
http://github.com/axiomatic-systems/Bento4/commit/2f267f89f957088197f4b1fc254632d1645b415d
http://github.com/axiomatic-systems/Bento4/issues/183
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) NULL pointer dereference
EUVDB-ID: #VU38219
Risk: Medium
CVSSv3.1: 6 [AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2017-14641
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error in the AP4_DataAtom class in MetaData/Ap4MetaData.cpp in Bento4 version 1.5.0-617. The vulnerability causes a segmentation fault and application crash, which leads to remote denial of service. A remote attacker can perform a denial of service (DoS) attack.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsBento4: 1.5.0-617
External linkshttp://blogs.gentoo.org/ago/2017/09/14/bento4-null-pointer-dereference-in-ap4_dataatomap4_dataatom-ap4metadata-cpp/
http://github.com/axiomatic-systems/Bento4/commit/41cad602709436628f07b4c4f64e9ff7a611f687
http://github.com/axiomatic-systems/Bento4/issues/184
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) NULL pointer dereference
EUVDB-ID: #VU38220
Risk: Medium
CVSSv3.1: 6 [AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2017-14642
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error in the AP4_HdlrAtom class in Bento4 version 1.5.0-617. The vulnerability causes a segmentation fault and application crash in AP4_StdcFileByteStream::ReadPartial in System/StdC/Ap4StdCFileByteStream.cpp, which leads to remote denial of service. A remote attacker can perform a denial of service (DoS) attack.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsBento4: 1.5.0-617
External linkshttp://blogs.gentoo.org/ago/2017/09/14/bento4-null-pointer-dereference-in-ap4_stdcfilebytestreamreadpartial-ap4stdcfilebytestream-cpp/
http://github.com/axiomatic-systems/Bento4/commit/22192de5367fa0cee985917f092be4060b7c00b0
http://github.com/axiomatic-systems/Bento4/issues/185
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Out-of-bounds read
EUVDB-ID: #VU38221
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-14643
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
The AP4_HdlrAtom class in Core/Ap4HdlrAtom.cpp in Bento4 version 1.5.0-617 uses an incorrect character data type, leading to a heap-based buffer over-read and application crash in AP4_BytesToUInt32BE in Core/Ap4Utils.h.
MitigationInstall update from vendor's website.
Vulnerable software versionsBento4: 1.5.0-617
External linkshttp://blogs.gentoo.org/ago/2017/09/14/bento4-heap-based-buffer-overflow-in-ap4_bytestouint32be-ap4utils-h/
http://github.com/axiomatic-systems/Bento4/commit/5eb8cf89d724ccb0b4ce5f24171ec7c11f0a7647
http://github.com/axiomatic-systems/Bento4/issues/187
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Out-of-bounds write
EUVDB-ID: #VU38222
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-14644
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to execute arbitrary code.
A heap-based buffer overflow was discovered in the AP4_HdlrAtom class in Bento4 1.5.0-617. The vulnerability causes an out-of-bounds write, which leads to remote denial of service or possibly code execution.
MitigationInstall update from vendor's website.
Vulnerable software versionsBento4: 1.5.0-617
External linksQ & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
8) Out-of-bounds read
EUVDB-ID: #VU38223
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-14645
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
A heap-based buffer over-read was discovered in AP4_BitStream::ReadBytes in Codecs/Ap4BitStream.cpp in Bento4 version 1.5.0-617. The vulnerability causes an application crash, which leads to remote denial of service.
MitigationInstall update from vendor's website.
Vulnerable software versionsBento4: 1.5.0-617
External linksQ & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
9) Out-of-bounds read
EUVDB-ID: #VU38224
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-14646
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
The AP4_AvccAtom and AP4_HvccAtom classes in Bento4 version 1.5.0-617 do not properly validate data sizes, leading to a heap-based buffer over-read and application crash in AP4_DataBuffer::SetData in Core/Ap4DataBuffer.cpp.
MitigationInstall update from vendor's website.
Vulnerable software versionsBento4: 1.5.0-617
External linkshttp://blogs.gentoo.org/ago/2017/09/14/bento4-heap-based-buffer-overflow-in-ap4_databuffersetdata-ap4databuffer-cpp/
http://github.com/axiomatic-systems/Bento4/commit/53499d8d4c69142137c7c7f0097a444783fdeb90
http://github.com/axiomatic-systems/Bento4/issues/188
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
10) Out-of-bounds write
EUVDB-ID: #VU38225
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-14647
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to execute arbitrary code.
A heap-based buffer overflow was discovered in AP4_VisualSampleEntry::ReadFields in Core/Ap4SampleEntry.cpp in Bento4 1.5.0-617. The vulnerability causes an out-of-bounds write, which leads to remote denial of service or possibly code execution.
MitigationInstall update from vendor's website.
Vulnerable software versionsBento4: 1.5.0-617
External linksQ & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
