CVE Vulnerability

CVE-2022-3810

A vulnerability was found in Axiomatic Bento4. It has been classified as problematic. This affects the function AP4_File::AP4_File of the file Mp42Hevc.cpp of the component mp42hevc. The manipulation leads to denial of service. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-212667.

6.5 /10

CVSS v3.0 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://github.com/axiomatic-systems/Bento4/issues/779 Exploit Issue Tracking
https://vuldb.com/?id.212667 Patch Third Party Advisory
https://github.com/axiomatic-systems/Bento4/files/9653209/poc_Bento4.zip Exploit Third Party Advisory
Configurations

Configuration 1

cpe:2.3:a:axiosys:bento4:*:*:*:*:*:*:*:*
Information

Published : 2022-11-02 01:15

Updated : 2022-11-03 05:15

NVD link : CVE-2022-3810

Mitre link : CVE-2022-3810

Products Affected
No products.
CWE
CWE-404