Buffer Overflow vulnerability in Bento4 v.1.6.0-641... · CVE-2025-25943 · GitHub Advisory Database · GitHub

Buffer Overflow vulnerability in Bento4 v.1.6.0-641...

High severity Unreviewed Published Feb 20, 2025 to the GitHub Advisory Database • Updated Feb 20, 2025

Package

No package listed— Suggest a package

Affected versions

Unknown

Patched versions

Unknown

Description

Buffer Overflow vulnerability in Bento4 v.1.6.0-641 allows a local attacker to execute arbitrary code via the AP4_Stz2Atom::AP4_Stz2Atom component located in Ap4Stz2Atom.cpp.

References

Published by the National Vulnerability Database

Feb 19, 2025

Published to the GitHub Advisory Database Feb 20, 2025

Last updated Feb 20, 2025

Severity

High

/ 10

CVSS v3 base metrics

Attack vector

Local

Attack complexity

Low

Privileges required

Low

User interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H