CVE-2022-3809

Axiomatic Bento4 mp4tag Mp4Tag.cpp ParseCommandLine denial of service

CVSS 4.3 MEDIUMEPSS 0.8%CWE-404

Vexday Risk Score

13Baixo

Decisão SSVC (CISA)

Track

Sem sinal de exploração → monitorar

CVSS 4.3EPSS 0.8%KEV nãoPoC —Nuclei —Metasploit —Patch —

Ciclo de vida

01 nov 2022Publicada no NVD

Recomendação: Monitorar — sem sinal de exploração no momento.

A vulnerability was found in Axiomatic Bento4 and classified as problematic. Affected by this issue is the function ParseCommandLine of the file Mp4Tag/Mp4Tag.cpp of the component mp4tag. The manipulation leads to denial of service. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-212666 is the identifier assigned to this vulnerability.

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

Produtos afetados

Axiomatic · Bento4

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://github.com/axiomatic-systems/Bento4/files/9653209/poc_Bento4.zip https://github.com/axiomatic-systems/Bento4/issues/779 https://vuldb.com/?id.212666