Описание
The BASS Audio Library 2.4.14 under Windows is prone to a BASS_StreamCreateFile Use after Free vulnerability via a crafted .ogg file. An attacker can exploit this to gain access to sensitive information that may aid in further attacks. A failure in exploitation leads to denial of service.
Ссылки
- Vendor Advisory
- Third Party Advisory
- Vendor Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2.4.14.1 (включая)
cpe:2.3:a:un4seen:bass:*:*:*:*:*:windows:*:*
EPSS
Процентиль: 59%
0.00374
Низкий
6.5 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-416
Связанные уязвимости
github
больше 3 лет назад
The BASS Audio Library 2.4.14 under Windows is prone to a BASS_StreamCreateFile Use after Free vulnerability via a crafted .ogg file. An attacker can exploit this to gain access to sensitive information that may aid in further attacks. A failure in exploitation leads to denial of service.
EPSS
Процентиль: 59%
0.00374
Низкий
6.5 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-416