Heap buffer overflow in the URL_GetProtocolType function in MP4Box in GPAC 1.0.1 allows attackers to cause a denial of service or execute arbitrary code via a crafted file.
The product writes data past the end, or before the beginning, of the intended buffer.
Link | Tags |
---|---|
https://github.com/gpac/gpac/issues/1766 | third party advisory exploit |
https://github.com/gpac/gpac/commit/328def7d3b93847d64ecb6e9e0399684e57c3eca | third party advisory patch |