CVE-2023-1450

Published Mar 17, 2023

Last updated 6 months ago

Overview

Description: A vulnerability was found in MP4v2 2.1.2 and classified as problematic. This issue affects the function DumpTrack of the file mp4trackdump.cpp. The manipulation leads to denial of service. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-223295.
Source: cna@vuldb.com
NVD status: Modified

Hype score: Not currently trending

Risk scores

CVSS 3.1

Type: Primary
Base score: 5.5
Impact score: 3.6
Exploitability score: 1.8
Vector string: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Severity: MEDIUM

CVSS 2.0

Type: Secondary
Base score: 1.7
Impact score: 2.9
Exploitability score: 3.1
Vector string: AV:L/AC:L/Au:S/C:N/I:N/A:P

Weaknesses

cna@vuldb.com: CWE-404

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:mp4v2_project:mp4v2:2.1.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9E9EA982-3885-417B-AB0C-061415A7F261"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Social media

Risk scores

CVSS 3.1

CVSS 2.0

Weaknesses

Configurations

References