Lucene search

K
nvd[email protected]NVD:CVE-2022-3816
HistoryNov 01, 2022 - 10:15 p.m.

CVE-2022-3816

2022-11-0122:15:12
CWE-404
web.nvd.nist.gov
3
axiomatic bento4
vulnerability
mp4decrypt
remote attack
memory leak

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

50.0%

A vulnerability, which was classified as problematic, was found in Axiomatic Bento4. Affected is an unknown function of the component mp4decrypt. The manipulation leads to memory leak. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-212682 is the identifier assigned to this vulnerability.

Affected configurations

Nvd
Node
axiosysbento4Match1.6.0-639
VendorProductVersionCPE
axiosysbento41.6.0-639cpe:2.3:a:axiosys:bento4:1.6.0-639:*:*:*:*:*:*:*

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

50.0%

Related for NVD:CVE-2022-3816