Unhandled SWF Tags in MP4Box: Potential Vulnerability in GPAC in gpac/gpac
Mar 22nd 2023
An unhandled series of SWF tags have been identified in the MP4Box software, which is part of the GPAC multimedia framework. These tags are not properly processed, leading to potential vulnerabilities such as denial of service, buffer overflows, or other malicious attacks.
POC: # ./MP4Box -dash 1000 POC4 LINK: https://drive.google.com/file/d/1hHzxolxklZDG_wtowwUEmel9-HAya9Az/view?usp=share_link
As a result of these unhandled tags, the software may be prone to exploitation by attackers, who can leverage the vulnerability to compromise the affected system, steal sensitive information, or disrupt normal operations. It is recommended to promptly patch or update the software to a version that addresses these issues to minimize the risk of potential attacks.