CVE Vulnerability

CVE-2022-3809

A vulnerability was found in Axiomatic Bento4 and classified as problematic. Affected by this issue is the function ParseCommandLine of the file Mp4Tag/Mp4Tag.cpp of the component mp4tag. The manipulation leads to denial of service. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-212666 is the identifier assigned to this vulnerability.

6.5 /10

CVSS v3.0 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://github.com/axiomatic-systems/Bento4/issues/779 Exploit Issue Tracking
https://vuldb.com/?id.212666 Permissions Required Third Party Advisory
https://github.com/axiomatic-systems/Bento4/files/9653209/poc_Bento4.zip Exploit Third Party Advisory
Configurations

Configuration 1

cpe:2.3:a:axiosys:bento4:*:*:*:*:*:*:*:*
Information

Published : 2022-11-02 01:15

Updated : 2022-11-03 05:18

NVD link : CVE-2022-3809

Mitre link : CVE-2022-3809

Products Affected
No products.
CWE
CWE-404