Axiomatic Bento4 mp4decrypt 拒绝服务

分类为棘手的漏洞曾在Axiomatic Bento4中发现。 受影响的是未知功能的组件:mp4decrypt。 手动调试的不合法输入可导致 拒绝服务。 使用CWE来声明会导致 CWE-401 的问题。 此漏洞的脆弱性 2022-11-01公示人身份792、所披露。 索取公告的网址是github.com。 该漏洞的交易名称为CVE-2022-3816, 攻击可能远程发起, 无技术细节可用。 此外还有一个漏洞可利用。 该漏洞利用已公开,可能会被利用。 目前漏洞的结构决定了可能的价格范围为美元价USD $0-$5k。 该漏洞由MITRE ATT&CK项目分配为T1499。 它被宣布为proof-of-concept。 该漏洞利用的共享下载地址为:github.com。 估计零日攻击的地下价格约为$0-$5k。 该漏洞被披露后,远在此前发表过可能的缓解措施。

时间轴

用户

124

字段

exploit_price_0day2
source_cve_nvd_summary1
source_cve_assigned1
vulnerability_cvss3_meta_tempscore1
vulnerability_cvss3_meta_basescore1

Commit Conf

90%32
50%10
70%2

Approve Conf

90%32
80%10
70%2
ID已提交用户字段更改备注已接受地位C
133277362022-12-03VulD...price_0day$0-$5ksee exploit price documentation2022-12-03已接受
90
133277352022-12-03VulD...cve_nvd_summaryA vulnerability, which was classified as problematic, was found in Axiomatic Bento4. Affected is an unknown function of the component mp4decrypt. The manipulation leads to memory leak. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-212682 is the identifier assigned to this vulnerability.cve.mitre.org2022-12-03已接受
70
133277342022-12-03VulD...cve_assigned1667257200 (2022-11-01)cve.mitre.org2022-12-03已接受
70
132086542022-11-01VulD...price_0day$0-$5ksee exploit price documentation2022-11-01已接受
90
132086532022-11-01VulD...cvss3_meta_tempscore3.9see CVSS documentation2022-11-01已接受
90
132086522022-11-01VulD...cvss3_meta_basescore4.3see CVSS documentation2022-11-01已接受
90
132086512022-11-01VulD...cvss3_vuldb_tempscore3.9see CVSS documentation2022-11-01已接受
90
132086502022-11-01VulD...cvss3_vuldb_basescore4.3see CVSS documentation2022-11-01已接受
90
132086492022-11-01VulD...cvss2_vuldb_tempscore4.3see CVSS documentation2022-11-01已接受
90
132086482022-11-01VulD...cvss2_vuldb_basescore5.0see CVSS documentation2022-11-01已接受
90
132086472022-11-01VulD...cvss3_vuldb_rlXderived from historical data2022-11-01已接受
80
132086462022-11-01VulD...cvss2_vuldb_rlNDderived from historical data2022-11-01已接受
80
132086452022-11-01VulD...cvss2_vuldb_rcURderived from vuldb v3 vector2022-11-01已接受
80
132086442022-11-01VulD...cvss2_vuldb_ePOCderived from vuldb v3 vector2022-11-01已接受
80
132086432022-11-01VulD...cvss2_vuldb_aiPderived from vuldb v3 vector2022-11-01已接受
80
132086422022-11-01VulD...cvss2_vuldb_iiNderived from vuldb v3 vector2022-11-01已接受
80
132086412022-11-01VulD...cvss2_vuldb_ciNderived from vuldb v3 vector2022-11-01已接受
80
132086402022-11-01VulD...cvss2_vuldb_auNderived from vuldb v3 vector2022-11-01已接受
80
132086392022-11-01VulD...cvss2_vuldb_acLderived from vuldb v3 vector2022-11-01已接受
80
132086382022-11-01VulD...cvss2_vuldb_avNderived from vuldb v3 vector2022-11-01已接受
80

24 更多条目未显示

🔒 Login Required

You need to signup and login to see more of the remaining 24 results.

上一步一览下一步

Do you need the next level of professionalism?

Upgrade your account now!