GPAC load_text.c buffer overflow
CVE-2023-1452

7.8HIGH

Key Information:

Vendor: Gpac
Status: GPAC
Vendor: CVE Published:; 17 March 2023

What is CVE-2023-1452?

A vulnerability has been identified in the GPAC multimedia framework, specifically within the file filter function located at filters/load_text.c, which allows for a buffer overflow. This issue requires local access to exploit and can potentially lead to unauthorized manipulation of system resources. The vulnerability has been publicly disclosed, emphasizing the need for immediate application of security patches to safeguard against exploitation. Security teams should prioritize updates to affected versions to mitigate any risks associated with this vulnerability.

Affected Version(s)

GPAC 2.3-DEV-rev35-gbbca86917-master

References

https://vuldb.com/?id.223297

vdb-entrytechnical-description

https://vuldb.com/?ctiid.223297

signaturepermissions-required

https://github.com/gpac/gpac/issues/2386

issue-tracking

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 17, 2023
Vulnerability Reserved
Mar 17, 2023

Credit

Tmotfl (VulDB User)

Gpac

What is CVE-2023-1452?

Affected Version(s)

References

CVSS V3.1

Timeline

Credit