CVE-2018-1000100

Source
https://nvd.nist.gov/vuln/detail/CVE-2018-1000100
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-1000100.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2018-1000100
Related
Published
2018-03-06T17:29:00Z
Modified
2025-01-14T07:20:15.787345Z
Severity
  • 7.8 (High) CVSS_V3 - CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

GPAC MP4Box version 0.7.1 and earlier contains a Buffer Overflow vulnerability in src/isomedia/avc_ext.c lines 2417 to 2420 that can result in Heap chunks being modified, this could lead to RCE. This attack appear to be exploitable via an attacker supplied MP4 file that when run by the victim may result in RCE.

References

Affected packages

Git / github.com/gpac/gpac

Affected ranges

Type
GIT
Repo
https://github.com/gpac/gpac
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected

Affected versions

v0.*

v0.5.2
v0.6.0
v0.6.1
v0.7.0
v0.7.1