CVE-2019-12483

Опубликовано: 30 мая 2019

Источник: nvd

CVSS3: 7.8

CVSS2: 6.8

EPSS Низкий

Описание

An issue was discovered in GPAC 0.7.1. There is a heap-based buffer overflow in the function ReadGF_IPMPX_RemoveToolNotificationListener in odf/ipmpx_code.c in libgpac.a, as demonstrated by MP4Box.

Ссылки

https://github.com/gpac/gpac/issues/1249
Exploit
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2019/06/msg00030.html
Mailing List
Third Party Advisory
https://github.com/gpac/gpac/issues/1249
Exploit
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2019/06/msg00030.html
Mailing List
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

Конфигурация 2

cpe:2.3:a:gpac:gpac:*:*:*:*:*:*:*:*

Версия от 0.6.1 (включая) до 0.7.1 (включая)

EPSS

Процентиль: 49%

0.00263

Низкий

7.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-787

Связанные уязвимости

CVE-2019-12483

CVSS3: 7.8

ubuntu

больше 6 лет назад

An issue was discovered in GPAC 0.7.1. There is a heap-based buffer overflow in the function ReadGF_IPMPX_RemoveToolNotificationListener in odf/ipmpx_code.c in libgpac.a, as demonstrated by MP4Box.

CVE-2019-12483

CVSS3: 7.8

debian

больше 6 лет назад

An issue was discovered in GPAC 0.7.1. There is a heap-based buffer ov ...

GHSA-m2w7-3369-7579

CVSS3: 7.8

github

больше 3 лет назад

An issue was discovered in GPAC 0.7.1. There is a heap-based buffer overflow in the function ReadGF_IPMPX_RemoveToolNotificationListener in odf/ipmpx_code.c in libgpac.a, as demonstrated by MP4Box.

EPSS

Процентиль: 49%

0.00263

Низкий

7.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-787