Vulnerabilities > CVE-2022-35165 - Infinite Loop vulnerability in Axiosys Bento4 1.6.0639

047910
CVSS 5.5 - MEDIUM
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
HIGH
local
low complexity
axiosys
CWE-835
NVD
Published: 2022-08-18
Updated: 2022-08-22

Summary

An issue in AP4_SgpdAtom::AP4_SgpdAtom() of Bento4-1.6.0-639 allows attackers to cause a Denial of Service (DoS) via a crafted mp4 input.

Vulnerable Configurations

Part Description Count
Application
Axiosys
1

Common Weakness Enumeration (CWE)

References