CVE-2023-1451 LOW

CVE-2023-1451: MP4v2 mp4track.cpp GetSampleFileOffset denial of service

Vendor N/A
Product MP4v2
Weakness CWE-404
Published March 17, 2023
Last update August 2, 2024

CVSS base score

3.3/10
Attack vector Local
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality None
Integrity None

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

What the vulnerability does

01Description

A vulnerability was found in MP4v2 2.1.2. It has been classified as problematic. Affected is the function mp4v2::impl::MP4Track::GetSampleFileOffset of the file mp4track.cpp. The manipulation leads to denial of service. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-223296.

Key dates

02Disclosure timeline

March 17, 2023 CVE published
August 2, 2024 Record updated