CVE-2025-8537: Allocation of Resources in Axiomatic Bento4
A vulnerability, which was classified as problematic, was found in Axiomatic Bento4 up to 1.6.0-641. Affected is the function AP4_DataBuffer::SetDataSize of the file Mp4Decrypt.cpp of the component mp4decrypt. The manipulation leads to allocation of resources. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used.
CVE-2025-8537: Allocation of Resources in Axiomatic Bento4
Description
A vulnerability, which was classified as problematic, was found in Axiomatic Bento4 up to 1.6.0-641. Affected is the function AP4_DataBuffer::SetDataSize of the file Mp4Decrypt.cpp of the component mp4decrypt. The manipulation leads to allocation of resources. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used.
Technical Details
- Data Version
- 5.1
- Assigner Short Name
- VulDB
- Date Reserved
- 2025-08-04T12:11:40.801Z
- Cvss Version
- 4.0
- State
- PUBLISHED
Threat ID: 689154afad5a09ad00e46829
Added to database: 8/5/2025, 12:47:43 AM
Last updated: 8/5/2025, 12:47:43 AM
Views: 1
Related Threats
CVE-2025-8535: Cross Site Scripting in cronoh NanoVault
MediumCVE-2025-54871: CWE-284: Improper Access Control in steveseguin electroncapture
MediumCVE-2025-54870: CWE-636: Not Failing Securely ('Failing Open') in leakingmemory vtun-ng
HighCVE-2025-54865: CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in FTB-Gamepedia Tilesheets
HighCVE-2025-54804: CWE-190: Integer Overflow or Wraparound in Eugeny russh
MediumActions
Need enhanced features?
Contact root@offseq.com for Pro access with improved analysis and higher rate limits.