SB2018071036 - Multiple vulnerabilities in axiomatic-systems Bento4
Published: July 10, 2018 Updated: August 8, 2020
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 16 secuirty vulnerabilities.
1) Out-of-bounds read (CVE-ID: CVE-2018-14584)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to heap-based buffer over-read. A remote attacker can perform a denial of service attack.
2) Out-of-bounds read (CVE-ID: CVE-2018-14585)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to heap-based buffer over-read after a call from the AP4_Stz2Atom class. A remote attacker can perform a denial of service attack.
3) Buffer overflow (CVE-ID: CVE-2018-14586)
The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.
An issue has been discovered in Bento4 1.5.1-624. A SEGV can occur in AP4_Mpeg2TsAudioSampleStream::WriteSample in Core/Ap4Mpeg2Ts.cpp, a different vulnerability than CVE-2018-14532.
4) Out-of-bounds read (CVE-ID: CVE-2018-14587)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to buffer over-read. A remote attacker can perform a denial of service attack.
5) NULL pointer dereference (CVE-ID: CVE-2018-14588)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error in Bento4 1.5.1-624. A NULL pointer dereference can occur in AP4_DataBuffer::SetData in Core/Ap4DataBuffer.cpp. A remote attacker can perform a denial of service (DoS) attack.
6) Out-of-bounds read (CVE-ID: CVE-2018-14589)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to heap-based buffer over-read. A remote attacker can perform a denial of service attack.
7) Buffer overflow (CVE-ID: CVE-2018-14590)
The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
An issue has been discovered in Bento4 1.5.1-624. A SEGV can occur in AP4_Processor::ProcessFragments in Core/Ap4Processor.cpp.
8) Buffer overflow (CVE-ID: CVE-2018-14531)
The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.
An issue was discovered in Bento4 1.5.1-624. There is an unspecified "heap-buffer-overflow" crash in the AP4_HvccAtom class in Core/Ap4HvccAtom.cpp.
9) Out-of-bounds read (CVE-ID: CVE-2018-14532)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to heap-based buffer over-read in AP4_Mpeg2TsVideoSampleStream::WriteSample in Core/Ap4Mpeg2Ts.cpp after a call from Mp42Hls.cpp, a related issue to CVE-2018-13846. A remote attacker can perform a denial of service attack.
10) NULL pointer dereference (CVE-ID: CVE-2018-14543)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error. A remote attacker can trigger denial of service conditions via a crafted mp4 file. This vulnerability can be triggered by the executable mp4dump.
11) Out-of-bounds read (CVE-ID: CVE-2018-14544)
The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
There exists one invalid memory read bug in AP4_SampleDescription::GetFormat() in Ap4SampleDescription.h in Bento4 1.5.1-624, which can allow attackers to cause a denial-of-service via a crafted mp4 file. This vulnerability can be triggered by the executable mp42ts.
12) Out-of-bounds read (CVE-ID: CVE-2018-14545)
The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
There exists one invalid memory read bug in AP4_SampleDescription::GetType() in Ap4SampleDescription.h in Bento4 1.5.1-624, which can allow attackers to cause a denial-of-service via a crafted mp4 file. This vulnerability can be triggered by the executable mp42ts.
13) Infinite loop (CVE-ID: CVE-2018-14445)
The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
In Bento4 v1.5.1-624, AP4_File::ParseStream in Ap4File.cpp allows remote attackers to cause a denial of service (infinite loop) via a crafted MP4 file.
14) Out-of-bounds read (CVE-ID: CVE-2018-13846)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to heap-based buffer over-read after a call from Mp42Ts.cpp, a related issue to CVE-2018-14532. A remote attacker can perform a denial of service attack.
15) Buffer overflow (CVE-ID: CVE-2018-13847)
The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
An issue has been found in Bento4 1.5.1-624. It is a SEGV in AP4_StcoAtom::AdjustChunkOffsets in Core/Ap4StcoAtom.cpp.
16) Buffer overflow (CVE-ID: CVE-2018-13848)
The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
An issue has been found in Bento4 1.5.1-624. It is a SEGV in AP4_StszAtom::GetSampleSize in Core/Ap4StszAtom.cpp.
Remediation
Cybersecurity Help is not aware of any official remediation provided by the vendor.
References
- https://github.com/axiomatic-systems/Bento4/issues/298
- https://github.com/axiomatic-systems/Bento4/issues/304
- https://github.com/axiomatic-systems/Bento4/issues/299
- https://github.com/axiomatic-systems/Bento4/issues/300
- https://github.com/axiomatic-systems/Bento4/issues/301
- https://github.com/axiomatic-systems/Bento4/issues/302
- https://github.com/axiomatic-systems/Bento4/issues/303
- https://github.com/axiomatic-systems/Bento4/issues/305
- https://github.com/axiomatic-systems/Bento4/issues/293
- https://github.com/axiomatic-systems/Bento4/issues/294
- https://github.com/axiomatic-systems/Bento4/issues/292
- https://github.com/axiomatic-systems/Bento4/issues/291
- http://hac425.unaux.com/index.php/archives/62/
- https://github.com/axiomatic-systems/Bento4/issues/289
- https://github.com/axiomatic-systems/Bento4/issues/282
- https://github.com/axiomatic-systems/Bento4/issues/283
- https://github.com/axiomatic-systems/Bento4/issues/285