CVE-2024-25452

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Feb 9, 2024

Updated: Feb 12, 2024

CWE ID 400

Summary

CVE-2024-25452 is a newly identified vulnerability affecting Bento4 v1.6.0-640. This issue arises due to an out-of-memory condition in the AP4_UrlAtom::AP4_UrlAtom() function. When this function is exploited, it can lead to memory exhaustion, potentially causing the application to crash or allowing an attacker to execute arbitrary code. Successful exploitation could result in significant damage, including data loss or unauthorized system access. Users are advised to upgrade to the latest version of Bento4 to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/ubkf9q
https://www.cve.org/CVERecord?id=CVE-2024-25452
https://nvd.nist.gov/vuln/detail/CVE-2024-25452

Back to Vulnerability Database

CVE-2024-25452

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations