CVE-2023-38857

Опубликовано: 15 авг. 2023

Источник: debian

EPSS Низкий

Описание

Buffer Overflow vulnerability infaad2 v.2.10.1 allows a remote attacker to execute arbitrary code and cause a denial of service via the stcoin function in mp4read.c.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
faad2	not-affected			package

Примечания

https://github.com/knik0/faad2/issues/171
Fixed by: https://github.com/knik0/faad2/commit/b02a9ee5bf071fa92563536c076a69dbec814e7e (2.11.0)
Introduced in https://github.com/knik0/faad2/commit/c8f36e7d779d6ac34a902873975163c1c7793382 (2.11.0)

EPSS

Процентиль: 59%

0.00386

Низкий

Связанные уязвимости

CVE-2023-38857

CVSS3: 5.5

ubuntu

больше 2 лет назад

Buffer Overflow vulnerability infaad2 v.2.10.1 allows a remote attacker to execute arbitrary code and cause a denial of service via the stcoin function in mp4read.c.

CVE-2023-38857

CVSS3: 5.5

nvd

больше 2 лет назад

Buffer Overflow vulnerability infaad2 v.2.10.1 allows a remote attacker to execute arbitrary code and cause a denial of service via the stcoin function in mp4read.c.

GHSA-m4g7-w387-qg32

CVSS3: 7.5

github

больше 2 лет назад

Buffer Overflow vulnerability infaad2 v.2.10.1 allows a remote attacker to execute arbitrary code and cause a denial of service via the stcoin function in mp4read.c.

EPSS

Процентиль: 59%

0.00386

Низкий