← Voltar para CVEs
CVE-2024-6063
LOW3.3
Descricao
A vulnerability was found in GPAC 2.5-DEV-rev228-g11067ea92-master. It has been classified as problematic. This affects the function m2tsdmx_on_event of the file src/filters/dmx_m2ts.c of the component MP4Box. The manipulation leads to null pointer dereference. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The patch is named 8767ed0a77c4b02287db3723e92c2169f67c85d5. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-268791.
Detalhes CVE
Pontuacao CVSS v3.13.3
SeveridadeLOW
Vetor CVSSCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
Vetor de ataqueLOCAL
ComplexidadeLOW
Privilegios necessariosLOW
Interacao do usuarioNONE
Publicado6/17/2024
Ultima modificacao11/21/2024
Fontenvd
Avistamentos honeypot0
Produtos afetados
gpac:gpac
Fraquezas (CWE)
CWE-476
Referencias
https://github.com/gpac/gpac/issues/2873(cna@vuldb.com)
https://github.com/user-attachments/files/15801157/poc.zip(cna@vuldb.com)
https://vuldb.com/?ctiid.268791(cna@vuldb.com)
https://vuldb.com/?id.268791(cna@vuldb.com)
https://vuldb.com/?submit.356315(cna@vuldb.com)
https://github.com/gpac/gpac/commit/8767ed0a77c4b02287db3723e92c2169f67c85d5(af854a3a-2127-422b-91ae-364da2661108)
https://github.com/gpac/gpac/issues/2873(af854a3a-2127-422b-91ae-364da2661108)
https://github.com/user-attachments/files/15801157/poc.zip(af854a3a-2127-422b-91ae-364da2661108)
https://vuldb.com/?ctiid.268791(af854a3a-2127-422b-91ae-364da2661108)
https://vuldb.com/?id.268791(af854a3a-2127-422b-91ae-364da2661108)
https://vuldb.com/?submit.356315(af854a3a-2127-422b-91ae-364da2661108)
Correlacoes IOC
Sem correlacoes registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.