A vulnerability, which was classified as critical, has been found in Axiomatic Bento4. Affected by this issue is the function AP4_DataBuffer::SetDataSize of the component Avcinfo. The manipulation leads to heap-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-212564.
References
Link | Resource |
---|---|
https://github.com/axiomatic-systems/Bento4/files/9658653/POC_avcinfo_15644345.zip | Exploit Third Party Advisory |
https://github.com/axiomatic-systems/Bento4/issues/780 | Exploit Third Party Advisory |
https://vuldb.com/?id.212564 | Permissions Required Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: VulDB
Published: 2022-10-31T00:00:00
Updated: 2022-10-31T00:00:00
Reserved: 2022-10-31T00:00:00
Link: CVE-2022-3785
JSON object: View
NVD Information
Status : Modified
Published: 2022-10-31T21:15:12.577
Modified: 2023-11-07T03:51:48.030
Link: CVE-2022-3785
JSON object: View
Redhat Information
No data.