Vulnerabilities > CVE-2022-3670 - Out-of-bounds Write vulnerability in Axiosys Bento4 1.6.0639
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
A vulnerability was found in Axiomatic Bento4. It has been classified as critical. Affected is the function WriteSample of the component mp42hevc. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-212010 is the identifier assigned to this vulnerability.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Common Weakness Enumeration (CWE)
References
- https://github.com/axiomatic-systems/Bento4/files/9675049/Bug_3_POC.zip
- https://github.com/axiomatic-systems/Bento4/files/9675049/Bug_3_POC.zip
- https://github.com/axiomatic-systems/Bento4/issues/776
- https://github.com/axiomatic-systems/Bento4/issues/776
- https://vuldb.com/?id.212010
- https://vuldb.com/?id.212010