CVE-2024-41206

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-41206
A stack-based buffer over-read in tsMuxer version nightly-2024-03-14-01-51-12 allows attackers to cause Information Disclosure via a crafted TS video file.

6.5 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References
Link Resource
https://github.com/justdan96/tsMuxer/issues/859
Configurations

No configuration.

History

15 Nov 2024, 19:35

Type Values Removed Values Added
CWE CWE-120
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 6.5

15 Nov 2024, 13:58

Type Values Removed Values Added
Summary
  • (es) Una sobrelectura de búfer basada en pila en la versión nightly-2024-03-14-01-51-12 de tsMuxer permite a los atacantes provocar la divulgación de información a través de un archivo de video TS manipulado específicamente.

14 Nov 2024, 23:15

Type Values Removed Values Added
New CVE
Information

Published : 2024-11-14 23:15

Updated : 2024-11-15 19:35

NVD link : CVE-2024-41206

Mitre link : CVE-2024-41206

CVE.ORG link : CVE-2024-41206

JSON object : View

Products Affected

No product.

CWE
CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')