Lucene search
Veracode Vulnerability DatabaseVERACODE:43740HistoryOct 11, 2023 - 4:49 a.m.
Buffer Overflow
2023-10-1104:49:04
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
5
libexempi.so buffer overflow id3v2 getframevalue vulnerability id3_support.cpp application audio file malicious crash
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
0.001 Low
EPSS
Percentile
43.9%
libexempi.so is vulnerable to Buffer Overflow. The vulnerability exists in the getFrameValue function of ID3_Support.cpp, allowing an attacker to crash the application by opening a maliciously crafted audio file with a ID3V2 frame.
| CPE | Name | Operator | Version |
|---|---|---|---|
| libexempi.so | le | 3.4.5 | |
| libexempi.so | le | 3.4.5 |
Related
amazon
amazon
Medium: exempi
2023-09-13 23:44:00
nessus
nessus
Amazon Linux 2 : exempi (ALAS-2023-2260)
2023-09-20 00:00:00
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : exempi (SUSE-SU-2023:3833-1)
2023-09-28 00:00:00
SUSE SLES12 Security Update : exempi (SUSE-SU-2023:3734-1)
2023-09-23 00:00:00
prion
prion
Buffer overflow
2023-08-22 19:15:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2023:3734-1)
2023-09-25 00:00:00
openSUSE: Security Advisory for exempi (SUSE-SU-2023:3833-1)
2024-03-04 00:00:00
Huawei EulerOS: Security Advisory for exempi (EulerOS-SA-2024-1262)
2024-03-12 00:00:00
cve
cve
CVE-2020-18651
2023-08-22 19:15:55
debiancve
debiancve
CVE-2020-18651
2023-08-22 19:15:55
osv
osv
CVE-2020-18651
2023-08-22 19:15:55
Moderate: exempi security update
2024-05-22 00:00:00
Moderate: exempi security update
2024-06-14 13:59:30
redhatcve
redhatcve
CVE-2020-18651
2023-08-29 13:15:26
ubuntucve
ubuntucve
CVE-2020-18651
2023-08-22 00:00:00
cvelist
cvelist
CVE-2020-18651
2023-08-22 00:00:00
nvd
nvd
CVE-2020-18651
2023-08-22 19:15:55
rocky
rocky
exempi security update
2024-06-14 13:59:30
redhat
redhat
(RHSA-2024:3066) Moderate: exempi security update
2024-05-22 06:35:30
oraclelinux
oraclelinux
exempi security update
2024-05-23 00:00:00
almalinux
almalinux
Moderate: exempi security update
2024-05-22 00:00:00
debian
debian
[SECURITY] [DLA 3585-1] exempi security update
2023-09-25 22:37:28
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
0.001 Low
EPSS
Percentile
43.9%
Related for VERACODE:43740