Vulnerability — CVE-2022-3664

CVE-2022-3664

Reference to the description:: https://nvd.nist.gov/vuln/detail/CVE-2022-3664
Description:: A vulnerability classified as critical has been found in Axiomatic Bento4. Affected is the function AP4_BitStream::WriteBytes of the file Ap4BitStream.cpp of the component avcinfo. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-212004.
Last updated date:: 10/28/2022

Type:: exploit
Confidence:: HIGH
Date of publishing:: 10/28/2022
Reference url to background: https://github.com/axiomatic-systems/Bento4/files/9746288/avcinfo_poc1.zip

Type:: exploit
Confidence:: HIGH
Date of publishing:: 10/28/2022
Reference url to background: https://github.com/axiomatic-systems/Bento4/issues/794