Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2020-23267

Опубликовано: 22 сент. 2021
Источник: debian
EPSS Низкий

Описание

An issue was discovered in gpac 0.8.0. The gf_hinter_track_process function in isom_hinter_track_process.c has a heap-based buffer overflow which can lead to a denial of service (DOS) via a crafted media file

Пакеты

ПакетСтатусВерсия исправленияРелизТип
gpacfixed1.0.1+dfsg1-2package
gpacend-of-lifebusterpackage
gpacend-of-lifestretchpackage

Примечания

  • https://github.com/gpac/gpac/issues/1479

  • Fixed by fixes for related bugs, no specific commit identified upstream

  • poc tested with 1.0.1+dfsg1-4+deb11u1

  • https://github.com/gpac/gpac/commit/b286aa0cdc0cb781e96430c8777d38f066a2c9f9 (v0.9.0, v0.8.1)

EPSS

Процентиль: 40%
0.00184
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2020-23267

CVSS3: 7.1
ubuntu
больше 4 лет назад

An issue was discovered in gpac 0.8.0. The gf_hinter_track_process function in isom_hinter_track_process.c has a heap-based buffer overflow which can lead to a denial of service (DOS) via a crafted media file

nvd логотип

CVE-2020-23267

CVSS3: 7.1
nvd
больше 4 лет назад

An issue was discovered in gpac 0.8.0. The gf_hinter_track_process function in isom_hinter_track_process.c has a heap-based buffer overflow which can lead to a denial of service (DOS) via a crafted media file

github логотип

GHSA-332c-j8m4-x9m8

github
больше 3 лет назад

An issue was discovered in gpac 0.8.0. The gf_hinter_track_process function in isom_hinter_track_process.c has a heap-based buffer overflow which can lead to a denial of service (DOS) via a crafted media file

fstec логотип

BDU:2022-01757

CVSS3: 8.1
fstec
больше 5 лет назад

Уязвимость функции gf_hinter_track_process компонента isom_hinter_track_process.c мультимедийной платформы GPAC, позволяющая нарушителю получить доступ к конфиденциальным данным, а также вызвать отказ в обслуживании

EPSS

Процентиль: 40%
0.00184
Низкий