Buffer overflow in GPAC

Published: 2019-04-16 11:24:46 | Updated: 2019-04-17
Severity Medium
Patch available YES
Number of vulnerabilities 2
CVE ID CVE-2019-11222
CVE-2019-11221
CVSSv3 6.5 [CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
6.7 [CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C]
CWE ID CWE-119
Exploitation vector Network
Public exploit Public exploit code for vulnerability #2 is available.
Vulnerable software GPAC
Vulnerable software versions GPAC 0.7.1
Vendor URL GPAC

Security Advisory

UPDATED: 17.04.2019
Added vulnerability #2.

1) Buffer overflow

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error within the gf_bin128_parse() function in utils/os_divers.c file when processing data in _drm_file.xml file. A remote attacker can supply a specially crafted _drm_file.xmlfile to the application, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Remediation

Install update from vendor's GIT repository.

External links

https://github.com/gpac/gpac/commit/f36525c5beafb78959c3a07d6622c9028de348da
https://github.com/gpac/gpac/issues/1204
https://github.com/gpac/gpac/issues/1205
https://github.com/gpac/gpac/commit/f3698bb1bce62402805c3fda96551a23101a32f9

2) Buffer overflow

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error within gf_import_message() in media_import.c. A remote attacker can create a specially crafted SubRip Subtitle (SRT) file, pass it to the application, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Remediation

Install update from vendor's website.

External links

https://github.com/gpac/gpac/issues/1203

Back to List