Lucene search

[email protected]NVD:CVE-2022-23747

HistoryAug 17, 2022 - 9:15 p.m.

CVE-2022-23747

2022-08-1721:15:08

CWE-120

[email protected]

web.nvd.nist.gov

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

0.003 Low

EPSS

Percentile

66.0%

JSON

In Sony Xperia series 1, 5, and Pro, an out of bound memory access can occur due to lack of validation of the number of frames being passed during music playback.

Affected configurations

NVD

Node

sonyxperia_1_firmwareMatch-

AND

sonyxperia_1Match-

Node

sonyxperia_5_firmwareMatch-

AND

sonyxperia_5Match-

Node

sonyxperia_pro_firmwareMatch-

AND

sonyxperia_proMatch-

References

cpr-zero.checkpoint.com/vulns/cprid-2191/

research.checkpoint.com/2022/bad-alac-one-codec-to-hack-the-whole-world/

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

0.003 Low

EPSS

Percentile

66.0%

JSON

Related for NVD:CVE-2022-23747

cve1 prion1 cvelist1