CVE-2023-1452

A vulnerability was found in GPAC 2.3-DEV-rev35-gbbca86917-master. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file filters/load_text.c. The manipulation leads to buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. The identifier VDB-223297 was assigned to this vulnerability.
References
Link Resource
https://github.com/gpac/gpac/issues/2386 Exploit Issue Tracking Third Party Advisory
https://github.com/xxy1126/Vuln/blob/main/gpac/1.mp4 Exploit
https://vuldb.com/?ctiid.223297 Permissions Required Third Party Advisory VDB Entry
https://vuldb.com/?id.223297 Permissions Required Third Party Advisory VDB Entry
Configurations

Configuration 1 (hide)

cpe:2.3:a:gpac:gpac:2.3:dev:*:*:*:*:*:*

History

27 May 2023, 04:15

Type Values Removed Values Added
References
  • (MISC) https://www.debian.org/security/2023/dsa-5411 -

23 Mar 2023, 15:48

Type Values Removed Values Added
CPE cpe:2.3:a:gpac:gpac:2.3:dev:*:*:*:*:*:*
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 7.8
References (MISC) https://github.com/gpac/gpac/issues/2386 - (MISC) https://github.com/gpac/gpac/issues/2386 - Exploit, Issue Tracking, Third Party Advisory
References (MISC) https://vuldb.com/?ctiid.223297 - (MISC) https://vuldb.com/?ctiid.223297 - Permissions Required, Third Party Advisory, VDB Entry
References (MISC) https://github.com/xxy1126/Vuln/blob/main/gpac/1.mp4 - (MISC) https://github.com/xxy1126/Vuln/blob/main/gpac/1.mp4 - Exploit
References (MISC) https://vuldb.com/?id.223297 - (MISC) https://vuldb.com/?id.223297 - Permissions Required, Third Party Advisory, VDB Entry

17 Mar 2023, 12:59

Type Values Removed Values Added
New CVE

Information

Published : 2023-03-17 07:15

Updated : 2024-05-17 02:18


NVD link : CVE-2023-1452

Mitre link : CVE-2023-1452

CVE.ORG link : CVE-2023-1452


JSON object : View

Products Affected

gpac

  • gpac
CWE
CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')