PT-2023-16993 · Mp4V2 · Mp4V2
Ccpx
·
Publicado
2023-03-17
·
Atualizado
2024-05-17
·
CVE-2023-1451
CVSS v3.1
3.3
Baixa
| Vetor | AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L |
Name of the Vulnerable Software and Affected Versions
MP4v2 version 2.1.2
Description
A vulnerability was found in the function
mp4v2::impl::MP4Track::GetSampleFileOffset of the file mp4track.cpp. The manipulation leads to denial of service. An attack has to be approached locally. The exploit has been disclosed to the public and may be used.Recommendations
For MP4v2 version 2.1.2, consider disabling the
mp4v2::impl::MP4Track::GetSampleFileOffset function until a patch is available. Restrict access to the mp4track.cpp file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.Exploit
Improper Resource Release
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Mp4V2