Lucene search

[email protected]NVD:CVE-2023-49528

HistoryApr 12, 2024 - 6:15 a.m.

CVE-2023-49528

2024-04-1206:15:06

CWE-122

[email protected]

web.nvd.nist.gov

buffer overflow

ffmpeg

arbitrary code execution

denial of service

dos

af_dialoguenhance.c

de_stereo component

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H

AI Score

9.2

Confidence

High

EPSS

Percentile

15.5%

JSON

Buffer Overflow vulnerability in FFmpeg version n6.1-3-g466799d4f5, allows a local attacker to execute arbitrary code and cause a denial of service (DoS) via the af_dialoguenhance.c:261:5 in the de_stereo component.

References

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN/

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IPETICRXUOGRIM4U3BCRTIKE3IZWCSBT/

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LE3ASLH6QF2E5OVJI5VA3JSEPJFFFMNY/

trac.ffmpeg.org/ticket/10691

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H

AI Score

9.2

Confidence

High

EPSS

Percentile

15.5%

JSON

Related for NVD:CVE-2023-49528

cve1 debiancve1 nessus7 openvas6 ubuntucve1 fedora5 vulnrichment1 cvelist1 osv3 ubuntu1