Advisories ยป MGASA-2019-0146

Updated gpac packages fix security vulnerability

Publication date: 10 Apr 2019
Type: security
Affected Mageia releases : 6
CVE: CVE-2018-7752 , CVE-2018-13005 , CVE-2018-13006 , CVE-2018-20760 , CVE-2018-20761 , CVE-2018-20762 , CVE-2018-20763 , CVE-2018-1000100


It was discovered that the GPAC MP4Box utility incorrectly handled certain
memory operations. If an user or automated system were tricked into opening
a specially crafted MP4 file, a remote attacker could use this issue to
cause MP4Box to crash, resulting in a denial of service, or possibly execute
arbitrary code (CVE-2018-7752, CVE-2018-13005, CVE-2018-13006, CVE-2018-20760,
CVE-2018-20761, CVE-2018-20762, CVE-2018-20763, CVE-2018-1000100).