Vulnerabilities > CVE-2019-18794 - Use After Free vulnerability in Un4Seen Bass 2.4.14.1

047910
CVSS 6.5 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
NONE
Availability impact
NONE
network
low complexity
un4seen
CWE-416

Summary

The BASS Audio Library 2.4.14 under Windows is prone to a BASS_StreamCreateFile Use after Free vulnerability via a crafted .ogg file. An attacker can exploit this to gain access to sensitive information that may aid in further attacks. A failure in exploitation leads to denial of service.

Vulnerable Configurations

Part Description Count
Application
Un4Seen
1

Common Weakness Enumeration (CWE)