CVE-2025-70304
BaseFortify
Publication date: 2026-01-15
Last updated on: 2026-01-15
Assigner: MITRE
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| gpac | gpac | 2.4.0 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-121 | A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function). |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a buffer overflow in the vobsub_get_subpic_duration() function of GPAC version 2.4.0. It occurs when the function processes a specially crafted packet, which causes the program to overwrite memory beyond the intended buffer limits. This can lead to a Denial of Service (DoS) condition, where the affected software crashes or becomes unresponsive. [1]
How can this vulnerability impact me? :
The primary impact of this vulnerability is a Denial of Service (DoS). An attacker can exploit this flaw by sending a crafted packet to the vulnerable GPAC software, causing it to crash or stop functioning properly. This disruption can affect availability of services relying on GPAC, potentially leading to downtime or interruption of media processing tasks. [1]