Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redosRedosROS-20230914-08
HistorySep 14, 2023 - 12:00 a.m.

ROS-20230914-08

2023-09-1400:00:00
redos.red-soft.ru
6
gpac multimedia
vulnerabilities
integer sign overflow
null pointer dereferencing
heap buffer overflow
application crashes
mpeg12_parseseqhdr boundaries
unix

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

0.0004 Low

EPSS

Percentile

12.7%

JSON

GPAC multimedia platform vulnerability is related to integer sign overflow in the
filters/mux_isom.c:5716:20. Exploitation of the vulnerability could allow an attacker to cause the application to crash.

The GPAC multimedia platform vulnerability is related to null pointer dereferencing in functions
utils/xml_parser.c:1038, filters/dasher.c:8146, utils/alloc.c:170, filters/dasher.c:6332,
filters/dasher.c:7389, filter_core/filter_pck.c:434. Exploitation of the vulnerability could allow an attacker to
to cause a crash or shutdown.

The GPAC media platform vulnerability is related to a heap buffer overflow in the avi_read function
media_tools/avilib.c:67. Exploitation of the vulnerability could allow an attacker to cause the application to crash.

The GPAC media platform vulnerability is related to reading outside the MPEG12_ParseSeqHdr boundaries
media_tools/mpeg2_ps.c. Exploitation of the vulnerability could allow an attacker to cause an application crash.

OSVersionArchitecturePackageVersionFilename
redos7.3x86_64gpac<= 0.7.1-5UNKNOWN

Related

ubuntucve 4
veracode 4
cve 4
cvelist 4
huntr 4
osv 4
debiancve 4
nvd 4
prion 4
githubexploit 1
ubuntucve
ubuntucve
CVE-2023-4722
2023-09-01 00:00:00
CVE-2023-4683
2023-08-31 00:00:00
CVE-2023-4682
2023-08-31 00:00:00
veracode
veracode
Integer Overflow
2023-09-06 07:23:21
Heap-based Buffer Overflow
2023-09-05 11:36:36
NULL Pointer Dereference
2023-09-05 13:30:16
cve
cve
CVE-2023-4722
2023-09-01 16:15:08
CVE-2023-4683
2023-08-31 16:15:10
CVE-2023-4682
2023-08-31 16:15:10
cvelist
cvelist
CVE-2023-4682 Heap-based Buffer Overflow in gpac/gpac
2023-08-31 15:54:23
CVE-2023-4721 Out-of-bounds Read in gpac/gpac
2023-09-01 15:27:41
CVE-2023-4683 NULL Pointer Dereference in gpac/gpac
2023-08-31 15:54:35
huntr
huntr
heap-buffer-overflow in function avi_read media_tools/avilib.c:67 in gpac/gpac
2023-08-28 12:47:10
There are 6 NULL Pointer Dereference vulnerabilities in MP4Box
2023-08-18 15:00:23
Out of Bounds Read in MPEG12_ParseSeqHdr media_tools/mpeg2_ps.c
2023-08-31 02:45:03
osv
osv
CVE-2023-4682
2023-08-31 16:15:10
CVE-2023-4721
2023-09-01 16:15:08
CVE-2023-4683
2023-08-31 16:15:10
debiancve
debiancve
CVE-2023-4682
2023-08-31 16:15:10
CVE-2023-4722
2023-09-01 16:15:08
CVE-2023-4683
2023-08-31 16:15:10
nvd
nvd
CVE-2023-4682
2023-08-31 16:15:10
CVE-2023-4722
2023-09-01 16:15:08
CVE-2023-4683
2023-08-31 16:15:10
prion
prion
Integer overflow
2023-09-01 16:15:00
Null pointer dereference
2023-08-31 16:15:00
Heap overflow
2023-08-31 16:15:00
githubexploit
githubexploit
Exploit for NULL Pointer Dereference in Gpac
2023-09-28 20:49:33

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

0.0004 Low

EPSS

Percentile

12.7%

JSON
Related for ROS-20230914-08
ubuntucve4veracode4cve4cvelist4huntr4osv4debiancve4nvd4prion4githubexploit1