The binary MP4Box in Gpac 1.0.1 has a double-free...
High severity
Unreviewed
Published
Jan 14, 2022
to the GitHub Advisory Database
•
Updated May 27, 2023
Description
Published by the National Vulnerability Database
Jan 13, 2022
Published to the GitHub Advisory Database
Jan 14, 2022
Last updated
May 27, 2023
The binary MP4Box in Gpac 1.0.1 has a double-free vulnerability in the avc_compute_poc function in av_parsers.c, which allows attackers to cause a denial of service, even code execution and escalation of privileges.
References