CVE-2024-57513

Published: Jan 29, 2025Modified: Jun 17, 2026Deferred

6.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Exploitability: 2.8 / Impact: 3.6

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)

Description

A floating-point exception (FPE) vulnerability exists in the AP4_TfraAtom::AP4_TfraAtom function in Bento4.

Related CWEs

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

References (2)

https://gist.github.com/G2FUZZ/91a1cc3b8f2b0720e984353d59023b24

Source: cve@mitre.org

https://github.com/axiomatic-systems/Bento4/issues/990

Source: cve@mitre.org

Timeline

No history available yet.