Описание
The BASS Audio Library 2.4.14 under Windows is prone to a BASS_StreamCreateFile out of bounds read vulnerability via a crafted .wav file. An attacker can exploit this issues to gain access to sensitive information that may aid in further attacks. A failure in exploitation leads to denial of service.
Ссылки
- Vendor Advisory
- Third Party Advisory
- Vendor Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2.4.14.1 (включая)
cpe:2.3:a:un4seen:bass:*:*:*:*:*:windows:*:*
EPSS
Процентиль: 55%
0.00319
Низкий
6.5 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-125
Связанные уязвимости
github
больше 3 лет назад
The BASS Audio Library 2.4.14 under Windows is prone to a BASS_StreamCreateFile out of bounds read vulnerability via a crafted .wav file. An attacker can exploit this issues to gain access to sensitive information that may aid in further attacks. A failure in exploitation leads to denial of service.
EPSS
Процентиль: 55%
0.00319
Низкий
6.5 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-125