CVE-2024-6064 | GPAC 2.5-DEV-rev228-g11067ea92-master MP4Box loader_xmt.c xmt_node_end use after free (Issue 2874)

Posted by Angelo Barbosa | Jun 17, 2024 | CVE

A vulnerability was found in GPAC 2.5-DEV-rev228-g11067ea92-master. It has been declared as problematic. This vulnerability affects the function xmt_node_end of the file src/scene_manager/loader_xmt.c of the component MP4Box. The manipulation leads to use after free.

This vulnerability was named CVE-2024-6064. Local access is required to approach this attack. Furthermore, there is an exploit available.

It is recommended to apply a patch to fix this issue.

CVE-2024-6064 | GPAC 2.5-DEV-rev228-g11067ea92-master MP4Box loader_xmt.c xmt_node_end use after free (Issue 2874)

Related Posts

CVE-2024-2633 | Cegid Meta4 HR 819.001.022 dumpenv.jsp lang cross site scripting

CVE-2024-34391 | libxmljs up to 1.0.11 XML attrs type confusion (ID 645)

CVE-2024-46676 | Linux Kernel up to 6.10.7 pn533 nfc_start_poll divide by zero

CVE-2024-3682 | WP STAGING Plugin/WP STAGING Pro Plugin on WordPress Log File information disclosure