Aggregates CVE and security vulnerability intelligence across all bento4-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Common weakness patterns include vendor risk memory corruption and vendor risk buffer overflow, with potential vendor impact memory corruption and vendor impact application crash across vendor surface production workloads use cases.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2017-14647 | A heap-based buffer overflow was discovered in AP4_VisualSampleEntry::ReadFields in Core/Ap4SampleEntry.cpp in Bento4 1.5.0-617. The vulnerability causes an out-of-bounds write, which leads to remote denial of service or possibly code execution. | [email protected] | 8.8 | 1.15% | 2017-09-21 | 2026-05-13 |
| CVE-2017-14645 | A heap-based buffer over-read was discovered in AP4_BitStream::ReadBytes in Codecs/Ap4BitStream.cpp in Bento4 version 1.5.0-617. The vulnerability causes an application crash, which leads to remote denial of service. | [email protected] | 6.5 | 0.33% | 2017-09-21 | 2026-05-13 |
| CVE-2017-14644 | A heap-based buffer overflow was discovered in the AP4_HdlrAtom class in Bento4 1.5.0-617. The vulnerability causes an out-of-bounds write, which leads to remote denial of service or possibly code execution. | [email protected] | 8.8 | 0.81% | 2017-09-21 | 2026-05-13 |
| CVE-2017-14643 | The AP4_HdlrAtom class in Core/Ap4HdlrAtom.cpp in Bento4 version 1.5.0-617 uses an incorrect character data type, leading to a heap-based buffer over-read and application crash in AP4_BytesToUInt32BE in Core/Ap4Utils.h. | [email protected] | 6.5 | 0.53% | 2017-09-21 | 2026-05-13 |
| CVE-2017-14642 | A NULL pointer dereference was discovered in the AP4_HdlrAtom class in Bento4 version 1.5.0-617. The vulnerability causes a segmentation fault and application crash in AP4_StdcFileByteStream::ReadPartial in System/StdC/Ap4StdCFileByteStream.cpp, which leads to remote denial of service. | [email protected] | 6.5 | 0.52% | 2017-09-21 | 2026-05-13 |
| CVE-2017-14641 | A NULL pointer dereference was discovered in the AP4_DataAtom class in MetaData/Ap4MetaData.cpp in Bento4 version 1.5.0-617. The vulnerability causes a segmentation fault and application crash, which leads to remote denial of service. | [email protected] | 6.5 | 0.56% | 2017-09-21 | 2026-05-13 |
| CVE-2017-14640 | A NULL pointer dereference was discovered in AP4_AtomSampleTable::GetSample in Core/Ap4AtomSampleTable.cpp in Bento4 version 1.5.0-617. The vulnerability causes a segmentation fault and application crash, which leads to remote denial of service. | [email protected] | 6.5 | 0.52% | 2017-09-21 | 2026-05-13 |
| CVE-2017-14639 | AP4_VisualSampleEntry::ReadFields in Core/Ap4SampleEntry.cpp in Bento4 1.5.0-617 uses incorrect character data types, which causes a stack-based buffer underflow and out-of-bounds write, leading to denial of service (application crash) or possibly unspecified other impact. | [email protected] | 8.8 | 0.92% | 2017-09-21 | 2026-05-13 |
| CVE-2017-14638 | AP4_AtomFactory::CreateAtomFromStream in Core/Ap4AtomFactory.cpp in Bento4 version 1.5.0-617 has missing NULL checks, leading to a NULL pointer dereference, segmentation fault, and application crash in AP4_Atom::SetType in Core/Ap4Atom.h. | [email protected] | 6.5 | 0.57% | 2017-09-21 | 2026-05-13 |
| CVE-2017-14261 | In the SDK in Bento4 1.5.0-616, the AP4_StszAtom class in Ap4StszAtom.cpp file contains a Read Memory Access Violation vulnerability. It is possible to exploit this vulnerability by opening a crafted .MP4 file. | [email protected] | 7.8 | 0.22% | 2017-09-11 | 2026-05-13 |
| CVE-2017-14259 | In the SDK in Bento4 1.5.0-616, the AP4_StscAtom class in Ap4StscAtom.cpp contains a Write Memory Access Violation vulnerability. It is possible to exploit this vulnerability and possibly execute arbitrary code by opening a crafted .MP4 file. | [email protected] | 7.8 | 0.43% | 2017-09-11 | 2026-05-13 |
| CVE-2017-14258 | In the SDK in Bento4 1.5.0-616, SetItemCount in Core/Ap4StscAtom.h file contains a Write Memory Access Violation vulnerability. It is possible to exploit this vulnerability and possibly execute arbitrary code by opening a crafted .MP4 file. | [email protected] | 7.8 | 0.53% | 2017-09-11 | 2026-05-13 |
| CVE-2017-14257 | In the SDK in Bento4 1.5.0-616, AP4_AtomSampleTable::GetSample in Core/Ap4AtomSampleTable.cpp contains a Read Memory Access Violation vulnerability. It is possible to exploit this vulnerability by opening a crafted .MP4 file. | [email protected] | 7.8 | 0.22% | 2017-09-11 | 2026-05-13 |
| CVE-2017-12476 | The AP4_AvccAtom::InspectFields function in Core/Ap4AvccAtom.cpp in Bento4 mp4dump before 1.5.0-616 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted mp4 file. | [email protected] | 5.5 | 0.26% | 2017-09-06 | 2026-05-13 |
| CVE-2017-12474 | The AP4_AtomSampleTable::GetSample function in Core/Ap4AtomSampleTable.cpp in Bento4 mp42ts before 1.5.0-616 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted mp4 file. | [email protected] | 5.5 | 0.26% | 2017-09-06 | 2026-05-13 |