CVE Vulnerability

CVE-2022-3817

A vulnerability has been found in Axiomatic Bento4 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component mp4mux. The manipulation leads to memory leak. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-212683.

6.5 /10

CVSS v3.0 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://github.com/axiomatic-systems/Bento4/issues/792 Issue Tracking Third Party Advisory
https://vuldb.com/?id.212683 Third Party Advisory
https://github.com/axiomatic-systems/Bento4/files/9727057/POC_mp4mux_1729452038.zip Exploit Third Party Advisory
Configurations

Configuration 1

cpe:2.3:a:axiosys:bento4:1.6.0-639:*:*:*:*:*:*:*
Information

Published : 2022-11-01 10:15

Updated : 2022-11-02 06:54

NVD link : CVE-2022-3817

Mitre link : CVE-2022-3817

Products Affected
No products.
CWE
CWE-401

CWE-404