CVE-2023-1452: Classic Buffer Overflow in Gpac

Severity: 7.8 HIGH (NVD)
EPSS: 0.0% (top 85.16%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Mar 17

Description

A vulnerability was found in GPAC 2.3-DEV-rev35-gbbca86917-master. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file filters/load_text.c. The manipulation leads to buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. The identifier VDB-223297 was assigned to this vulnerability.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Exploitability: 1.8 | Impact: 5.9

Affected Packages (4 packages)

debian: debian/gpac, < gpac 1.0.1+dfsg1-4+deb11u2 (bullseye)
Debian: gpac/gpac, < 1.0.1+dfsg1-4+deb11u2
CVEListV5: gpac/gpac, 2.3-DEV-rev35-gbbca86917-master
NVD: gpac/gpac, 2.3

🔴 Vulnerability Details (2)

GHSA: GHSA-qxf8-c7qq-q65f: A vulnerability was found in GPAC 2 (2023-03-17)
OSV: CVE-2023-1452: A vulnerability was found in GPAC 2 (2023-03-17)

📋 Vendor Advisories (1)

Debian: CVE-2023-1452: gpac - A vulnerability was found in GPAC 2.3-DEV-rev35-gbbca86917-master. It has been d... (2023)