Ubuntu.comUB:CVE-2023-1450CVE-2023-1450
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1.7 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:L/AC:L/Au:S/C:N/I:N/A:P
0.001 Low
EPSS
Percentile
28.5%
A vulnerability was found in MP4v2 2.1.2 and classified as problematic.
This issue affects the function DumpTrack of the file mp4trackdump.cpp. The
manipulation leads to denial of service. The attack needs to be approached
locally. The exploit has been disclosed to the public and may be used. The
associated identifier of this vulnerability is VDB-223295.
References
github.com/10cksYiqiyinHangzhouTechnology/mp4v2_trackdump_poc
github.com/10cksYiqiyinHangzhouTechnology/mp4v2_trackdump_poc/blob/main/id_000005%2Csig_08%2Csrc_000166%2B000357%2Ctime_3137250%2Cexecs_3545598%2Cop_splice%2Crep_16
launchpad.net/bugs/cve/CVE-2023-1450
nvd.nist.gov/vuln/detail/CVE-2023-1450
security-tracker.debian.org/tracker/CVE-2023-1450
www.cve.org/CVERecord?id=CVE-2023-1450
Related
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1.7 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:L/AC:L/Au:S/C:N/I:N/A:P
0.001 Low
EPSS
Percentile
28.5%