exploitDog

CVE-2022-40737

Опубликовано: 15 сент. 2022

Источник: nvd

CVSS3: 6.5

EPSS Низкий

Описание

An issue was discovered in Bento4 through 1.6.0-639. A buffer over-read exists in the function AP4_StdcFileByteStream::WritePartial located in System/StdC/Ap4StdCFileByteStream.cpp, called from AP4_ByteStream::Write and AP4_HdlrAtom::WriteFields.

Ссылки

https://github.com/axiomatic-systems/Bento4/issues/756
Exploit
Issue Tracking
Third Party Advisory
https://github.com/axiomatic-systems/Bento4/issues/756
Exploit
Issue Tracking
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:axiosys:bento4:*:*:*:*:*:*:*:*

Версия до 1.6.0-639 (включая)

EPSS

Процентиль: 61%

0.00413

Низкий

6.5 Medium

CVSS3

Дефекты

CWE-125

Связанные уязвимости

CVE-2022-40737

CVSS3: 6.5

ubuntu

больше 3 лет назад

An issue was discovered in Bento4 through 1.6.0-639. A buffer over-read exists in the function AP4_StdcFileByteStream::WritePartial located in System/StdC/Ap4StdCFileByteStream.cpp, called from AP4_ByteStream::Write and AP4_HdlrAtom::WriteFields.

GHSA-cqcm-975c-w5xg

CVSS3: 6.5

github

больше 3 лет назад

An issue was discovered in Bento4 through 1.6.0-639. A buffer over-read exists in the function AP4_StdcFileByteStream::WritePartial located in System/StdC/Ap4StdCFileByteStream.cpp, called from AP4_ByteStream::Write and AP4_HdlrAtom::WriteFields.

EPSS

Процентиль: 61%

0.00413

Низкий

6.5 Medium

CVSS3

Дефекты

CWE-125