CVE-2020-15395

Опубликовано: 30 июн. 2020

Источник: nvd

CVSS3: 7.8

CVSS2: 6.8

EPSS Низкий

Описание

In MediaInfoLib in MediaArea MediaInfo 20.03, there is a stack-based buffer over-read in Streams_Fill_PerStream in Multiple/File_MpegPs.cpp (aka an off-by-one during MpegPs parsing).

Ссылки

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QQJCEQRRPTN5CY5URDFTEJU3A2VKLNBA/
https://mediaarea.net/en/MediaInfo
Product
Vendor Advisory
https://sourceforge.net/p/mediainfo/bugs/1127/
Exploit
Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QQJCEQRRPTN5CY5URDFTEJU3A2VKLNBA/
https://mediaarea.net/en/MediaInfo
Product
Vendor Advisory
https://sourceforge.net/p/mediainfo/bugs/1127/
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:mediaarea:mediainfo:20.03:*:*:*:*:*:*:*

Конфигурация 2

cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*

EPSS

Процентиль: 64%

0.00466

Низкий

7.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-125

Связанные уязвимости

CVE-2020-15395

CVSS3: 7.8

ubuntu

больше 5 лет назад

In MediaInfoLib in MediaArea MediaInfo 20.03, there is a stack-based buffer over-read in Streams_Fill_PerStream in Multiple/File_MpegPs.cpp (aka an off-by-one during MpegPs parsing).

CVE-2020-15395

CVSS3: 7.8

debian

больше 5 лет назад

In MediaInfoLib in MediaArea MediaInfo 20.03, there is a stack-based b ...

GHSA-2g45-mrfv-r6f4

CVSS3: 7.8

github

больше 3 лет назад

In MediaInfoLib in MediaArea MediaInfo 20.03, there is a stack-based buffer over-read in Streams_Fill_PerStream in Multiple/File_MpegPs.cpp (aka an off-by-one during MpegPs parsing).

EPSS

Процентиль: 64%

0.00466

Низкий

7.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-125