Vulnerability Description
A vulnerability was found in MP4v2 2.1.2. It has been classified as problematic. Affected is the function mp4v2::impl::MP4Track::GetSampleFileOffset of the file mp4track.cpp. The manipulation leads to denial of service. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-223296.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Mp4V2 Project | Mp4V2 | 2.1.2 |
Related Weaknesses (CWE)
References
- https://github.com/RichTrouble/mp4v2_mp4track_pocExploitThird Party Advisory
- https://github.com/RichTrouble/mp4v2_mp4track_poc/blob/main/id_000000%2Csig_08%2Exploit
- https://vuldb.com/?ctiid.223296Permissions RequiredThird Party AdvisoryVDB Entry
- https://vuldb.com/?id.223296Permissions RequiredThird Party AdvisoryVDB Entry
- https://github.com/RichTrouble/mp4v2_mp4track_pocExploitThird Party Advisory
- https://github.com/RichTrouble/mp4v2_mp4track_poc/blob/main/id_000000%2Csig_08%2Exploit
- https://vuldb.com/?ctiid.223296Permissions RequiredThird Party AdvisoryVDB Entry
- https://vuldb.com/?id.223296Permissions RequiredThird Party AdvisoryVDB Entry
FAQ
What is CVE-2023-1451?
CVE-2023-1451 is a vulnerability with a CVSS score of 3.3 (LOW). A vulnerability was found in MP4v2 2.1.2. It has been classified as problematic. Affected is the function mp4v2::impl::MP4Track::GetSampleFileOffset of the file mp4track.cpp. The manipulation leads to...
How severe is CVE-2023-1451?
CVE-2023-1451 has been rated LOW with a CVSS base score of 3.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-1451?
Check the references section above for vendor advisories and patch information. Affected products include: Mp4V2 Project Mp4V2.