CVE-2018-14585

Опубликовано: 24 июл. 2018

Источник: nvd

CVSS3: 8.8

CVSS2: 6.8

EPSS Низкий

Описание

An issue has been discovered in Bento4 1.5.1-624. AP4_BytesToUInt16BE in Core/Ap4Utils.h has a heap-based buffer over-read after a call from the AP4_Stz2Atom class.

Ссылки

https://github.com/axiomatic-systems/Bento4/issues/299
Exploit
Third Party Advisory
https://github.com/axiomatic-systems/Bento4/issues/299
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:axiosys:bento4:1.5.1-624:*:*:*:*:*:*:*

EPSS

Процентиль: 62%

0.00429

Низкий

8.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-125

Связанные уязвимости

CVE-2018-14585

CVSS3: 8.8

ubuntu

больше 7 лет назад

An issue has been discovered in Bento4 1.5.1-624. AP4_BytesToUInt16BE in Core/Ap4Utils.h has a heap-based buffer over-read after a call from the AP4_Stz2Atom class.

GHSA-jr54-5c7x-45mx

CVSS3: 8.8

github

больше 3 лет назад

An issue has been discovered in Bento4 1.5.1-624. AP4_BytesToUInt16BE in Core/Ap4Utils.h has a heap-based buffer over-read after a call from the AP4_Stz2Atom class.

EPSS

Процентиль: 62%

0.00429

Низкий

8.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-125