CVE-2022-3810
MEDIUMBento4 < 1.6.0-639 - Denial of Service in AP4_File::AP4_File
Title source: llmDescription
A vulnerability was found in Axiomatic Bento4. It has been classified as problematic. This affects the function AP4_File::AP4_File of the file Mp42Hevc.cpp of the component mp42hevc. The manipulation leads to denial of service. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-212667.
References (3)
Core 3
Core References
Exploit, Third Party Advisory
https://github.com/axiomatic-systems/Bento4/files/9653209/poc_Bento4.zip
Exploit, Issue Tracking, Third Party Advisory
https://github.com/axiomatic-systems/Bento4/issues/779
Patch, Third Party Advisory
https://vuldb.com/?id.212667
Scores
CVSS v3
4.3
EPSS
0.0080
EPSS Percentile
51.6%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
no
Technical Impact
partial
Details
CWE
CWE-404
Status
published
Products (1)
axiosys/bento4
< 1.6.0-639
Published
Nov 02, 2022
Tracked Since
Feb 18, 2026