Memory Access Violation Vulnerability in Bento4 SDK 1.5.0-616: Exploitable via Crafted .MP4 File

Memory Access Violation Vulnerability in Bento4 SDK 1.5.0-616: Exploitable via Crafted .MP4 File

CVE-2017-14257 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

In the SDK in Bento4 1.5.0-616, AP4_AtomSampleTable::GetSample in Core/Ap4AtomSampleTable.cpp contains a Read Memory Access Violation vulnerability. It is possible to exploit this vulnerability by opening a crafted .MP4 file.

Learn more about our Web Application Penetration Testing UK.