Описание
A vulnerability classified as critical was found in Axiomatic Bento4 up to 1.6.0. This vulnerability affects the function AP4_StdcFileByteStream::ReadPartial of the component mp42aac. The manipulation leads to heap-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Ссылки
- ExploitIssue Tracking
- Exploit
- Permissions RequiredVDB Entry
- Permissions RequiredVDB Entry
- Third Party Advisory
Уязвимые конфигурации
EPSS
6.3 Medium
CVSS3
6.5 Medium
CVSS3
7.5 High
CVSS2
Дефекты
Связанные уязвимости
A vulnerability classified as critical was found in Axiomatic Bento4 up to 1.6.0. This vulnerability affects the function AP4_StdcFileByteStream::ReadPartial of the component mp42aac. The manipulation leads to heap-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Уязвимость функции AP4_StdcFileByteStream::ReadPartial() библиотеки чтения и записи файлов ISO-MP4 Bento4, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации
EPSS
6.3 Medium
CVSS3
6.5 Medium
CVSS3
7.5 High
CVSS2