CVE-2023-38857

Buffer Overflow vulnerability infaad2 v.2.10.1 allows a remote attacker to execute arbitrary code and cause a denial of service via the stcoin function in mp4read.c.

Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

References:

https://github.com/knik0/faad2/issues/171
https://github.com/knik0/faad2/issues/171
GLSA-202401-13
GLSA-202401-13

Published: 2023-08-15
Modified: 2024-11-21

CVE-2023-38858

Buffer Overflow vulnerability infaad2 v.2.10.1 allows a remote attacker to execute arbitrary code and cause a denial of service via the mp4info function in mp4read.c:1039.

Severity: MEDIUM (6.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

References:

https://github.com/knik0/faad2/issues/173
https://github.com/knik0/faad2/issues/173
GLSA-202401-13
GLSA-202401-13

Version: 2.1.0

Package faad update in sisyphus_e2k on 2024-02-04

ALT-PU-2024-1797-1

Closed vulnerabilities

CVE-2023-38857

CVE-2023-38858