Vulnerability Description
A vulnerability was found in MP4v2 2.1.2 and classified as problematic. This issue affects the function DumpTrack of the file mp4trackdump.cpp. The manipulation leads to denial of service. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-223295.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Mp4V2 Project | Mp4V2 | 2.1.2 |
Related Weaknesses (CWE)
References
- https://github.com/10cksYiqiyinHangzhouTechnology/mp4v2_trackdump_pocExploitThird Party Advisory
- https://github.com/10cksYiqiyinHangzhouTechnology/mp4v2_trackdump_poc/blob/main/Exploit
- https://vuldb.com/?ctiid.223295Permissions RequiredThird Party AdvisoryVDB Entry
- https://vuldb.com/?id.223295Permissions RequiredThird Party AdvisoryVDB Entry
- https://github.com/10cksYiqiyinHangzhouTechnology/mp4v2_trackdump_pocExploitThird Party Advisory
- https://github.com/10cksYiqiyinHangzhouTechnology/mp4v2_trackdump_poc/blob/main/Exploit
- https://vuldb.com/?ctiid.223295Permissions RequiredThird Party AdvisoryVDB Entry
- https://vuldb.com/?id.223295Permissions RequiredThird Party AdvisoryVDB Entry
FAQ
What is CVE-2023-1450?
CVE-2023-1450 is a vulnerability with a CVSS score of 3.3 (LOW). A vulnerability was found in MP4v2 2.1.2 and classified as problematic. This issue affects the function DumpTrack of the file mp4trackdump.cpp. The manipulation leads to denial of service. The attack ...
How severe is CVE-2023-1450?
CVE-2023-1450 has been rated LOW with a CVSS base score of 3.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-1450?
Check the references section above for vendor advisories and patch information. Affected products include: Mp4V2 Project Mp4V2.