Vulnerability — CVE-2022-3785

CVE-2022-3785

Reference to the description:: https://nvd.nist.gov/vuln/detail/CVE-2022-3785
Description:: A vulnerability, which was classified as critical, has been found in Axiomatic Bento4. Affected by this issue is the function AP4_DataBuffer::SetDataSize of the component Avcinfo. The manipulation leads to heap-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-212564.
Last updated date:: 11/03/2022

Type:: exploit
Confidence:: HIGH
Date of publishing:: 11/03/2022
Reference url to background: https://github.com/axiomatic-systems/Bento4/files/9658653/POC_avcinfo_15644345.zip

Type:: exploit
Confidence:: HIGH
Date of publishing:: 11/03/2022
Reference url to background: https://github.com/axiomatic-systems/Bento4/issues/780