cbcvebase.
CVE-2023-38857
published 2023-08-15

CVE-2023-38857: Buffer Overflow vulnerability infaad2 v.2.10.1 allows a remote attacker to execute arbitrary code and cause a denial of service via the stcoin function in…

medium5.5CVSS 3.1
AVLACLPRNUIRSUCNINAH
Buffer Overflow vulnerability infaad2 v.2.10.1 allows a remote attacker to execute arbitrary code and cause a denial of service via the stcoin function in mp4read.c.

Affected

6 ranges
VendorProductVersion rangeFixed in
debianfaad2
faad2_projectfaad2
faad2_projectfaad2>= 0 < 2.9.1-1ubuntu0.12.9.1-1ubuntu0.1
faad2_projectfaad2>= 0 < 2.7-8+deb8u3ubuntu0.1~esm12.7-8+deb8u3ubuntu0.1~esm1
faad2_projectfaad2>= 0 < 2.8.0~cvs20150510-1ubuntu0.1+esm12.8.0~cvs20150510-1ubuntu0.1+esm1
faad2_projectfaad2>= 0 < 2.8.8-1ubuntu0.1~esm12.8.8-1ubuntu0.1~esm1

CVSS provenance

nvdv3.15.5MEDIUMCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
osv7.8HIGH