Gpac 0.7.1 Buffer Overflow Vulnerability


An issue was discovered in GPAC 0.7.1. There is a heap-based buffer overflow in the function ReadGF_IPMPX_RemoveToolNotificationListener in odf/ipmpx_code.c in libgpac.a, as demonstrated by MP4Box.


The information has been provided by Thorsten Alteholz.
The original article can be found at:


Gpac is prone to an overflow vulnerability. This allows remote attackers to execute arbitrary code via crafted packets and cause a denial of service (memory corruption).

Vulnerable Systems:

  • Gpac 0.7.1

CVE Information:


Disclosure Timeline:
Publish Date: 05/30/2019
