CVE-2023-29576
First published: Tue Apr 11 2023(Updated: )
Bento4 v1.6.0-639 was discovered to contain a segmentation violation via the AP4_TrunAtom::SetDataOffset(int) function in Ap4TrunAtom.h.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Axiosys Bento4 | =1.6.0-639 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2023-29576?
The severity of CVE-2023-29576 is medium with a severity value of 5.5.
How does Bento4 v1.6.0-639 contain a segmentation violation?
Bento4 v1.6.0-639 contains a segmentation violation through the AP4_TrunAtom::SetDataOffset(int) function in Ap4TrunAtom.h.
Which software versions are affected by CVE-2023-29576?
The affected software version is Bento4 v1.6.0-639.
Is there a fix available for CVE-2023-29576?
At the moment, no fix has been provided for CVE-2023-29576.
Where can I find more information about CVE-2023-29576?
You can find more information about CVE-2023-29576 at the following references: [GitHub Issue #844](https://github.com/axiomatic-systems/Bento4/issues/844) and [GitHub](https://github.com/z1r00/fuzz_vuln/blob/main/Bento4/mp4decrypt/sigv/readme.md).
- collector/nvd-index
- vendor/axiosys
- canonical/axiosys bento4
- version/axiosys bento4/1.6.0-639