CVE-2023-38858

Опубликовано: 15 авг. 2023

Источник: debian

EPSS Низкий

Описание

Buffer Overflow vulnerability infaad2 v.2.10.1 allows a remote attacker to execute arbitrary code and cause a denial of service via the mp4info function in mp4read.c:1039.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
faad2	not-affected			package

Примечания

https://github.com/knik0/faad2/issues/173
Fixed by: https://github.com/knik0/faad2/commit/c65ae2904192965e7c9fcafe8c1ae5fa0649eea4 (2.11.0)
Introduced in https://github.com/knik0/faad2/commit/c8f36e7d779d6ac34a902873975163c1c7793382 (2.11.0)

EPSS

Процентиль: 71%

0.00671

Низкий

Связанные уязвимости

CVE-2023-38858

CVSS3: 6.5

ubuntu

больше 2 лет назад

Buffer Overflow vulnerability infaad2 v.2.10.1 allows a remote attacker to execute arbitrary code and cause a denial of service via the mp4info function in mp4read.c:1039.

CVE-2023-38858

CVSS3: 6.5

nvd

больше 2 лет назад

Buffer Overflow vulnerability infaad2 v.2.10.1 allows a remote attacker to execute arbitrary code and cause a denial of service via the mp4info function in mp4read.c:1039.

GHSA-46fj-h774-mfxr

CVSS3: 6.5

github

больше 2 лет назад

Buffer Overflow vulnerability infaad2 v.2.10.1 allows a remote attacker to execute arbitrary code and cause a denial of service via the mp4info function in mp4read.c:1039.

EPSS

Процентиль: 71%

0.00671

Низкий