mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-08-04 08:44:25 +00:00
110 lines
4.0 KiB
JSON
110 lines
4.0 KiB
JSON
{
|
|
"data_version": "4.0",
|
|
"data_type": "CVE",
|
|
"data_format": "MITRE",
|
|
"CVE_data_meta": {
|
|
"ID": "CVE-2023-1451",
|
|
"ASSIGNER": "cna@vuldb.com",
|
|
"STATE": "PUBLIC"
|
|
},
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "A vulnerability was found in MP4v2 2.1.2. It has been classified as problematic. Affected is the function mp4v2::impl::MP4Track::GetSampleFileOffset of the file mp4track.cpp. The manipulation leads to denial of service. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-223296."
|
|
},
|
|
{
|
|
"lang": "deu",
|
|
"value": "Es wurde eine problematische Schwachstelle in MP4v2 2.1.2 ausgemacht. Hiervon betroffen ist die Funktion mp4v2::impl::MP4Track::GetSampleFileOffset der Datei mp4track.cpp. Durch das Manipulieren mit unbekannten Daten kann eine denial of service-Schwachstelle ausgenutzt werden. Der Angriff hat dabei lokal zu erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
|
|
}
|
|
]
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "CWE-404 Denial of Service",
|
|
"cweId": "CWE-404"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"vendor_name": "n/a",
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "MP4v2",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.1.2"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"url": "https://vuldb.com/?id.223296",
|
|
"refsource": "MISC",
|
|
"name": "https://vuldb.com/?id.223296"
|
|
},
|
|
{
|
|
"url": "https://vuldb.com/?ctiid.223296",
|
|
"refsource": "MISC",
|
|
"name": "https://vuldb.com/?ctiid.223296"
|
|
},
|
|
{
|
|
"url": "https://github.com/RichTrouble/mp4v2_mp4track_poc",
|
|
"refsource": "MISC",
|
|
"name": "https://github.com/RichTrouble/mp4v2_mp4track_poc"
|
|
},
|
|
{
|
|
"url": "https://github.com/RichTrouble/mp4v2_mp4track_poc/blob/main/id_000000%2Csig_08%2Csrc_001076%2Ctime_147809374%2Cexecs_155756872%2Cop_havoc%2Crep_8",
|
|
"refsource": "MISC",
|
|
"name": "https://github.com/RichTrouble/mp4v2_mp4track_poc/blob/main/id_000000%2Csig_08%2Csrc_001076%2Ctime_147809374%2Cexecs_155756872%2Cop_havoc%2Crep_8"
|
|
}
|
|
]
|
|
},
|
|
"credits": [
|
|
{
|
|
"lang": "en",
|
|
"value": "ccpx (VulDB User)"
|
|
}
|
|
],
|
|
"impact": {
|
|
"cvss": [
|
|
{
|
|
"version": "3.1",
|
|
"baseScore": 3.3,
|
|
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
|
|
"baseSeverity": "LOW"
|
|
},
|
|
{
|
|
"version": "3.0",
|
|
"baseScore": 3.3,
|
|
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
|
|
"baseSeverity": "LOW"
|
|
},
|
|
{
|
|
"version": "2.0",
|
|
"baseScore": 1.7,
|
|
"vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:P"
|
|
}
|
|
]
|
|
}
|
|
} |