CVE-2022-3669: Axiomatic Bento4 mp4edit Create memory leak
First published: Wed Oct 26 2022(Updated: )
A vulnerability was found in Axiomatic Bento4 and classified as problematic. This issue affects the function AP4_AvccAtom::Create of the component mp4edit. The manipulation leads to memory leak. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-212009 was assigned to this vulnerability.
Credit: cna@vuldb.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Axiosys Bento4 | =1.6.0-639 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this issue?
The vulnerability ID for this issue is CVE-2022-3669.
What software is affected by this vulnerability?
The affected software is Axiosys Bento4 version 1.6.0-639.
What is the severity of CVE-2022-3669?
The severity of CVE-2022-3669 is medium (5.5).
What is the CWE ID for this vulnerability?
The CWE ID for this vulnerability is CWE-401 and CWE-404.
Is there a public exploit available?
Yes, there is a public exploit available for CVE-2022-3669.
- collector/nvd-index
- agent/weakness
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/severity
- agent/references
- agent/title
- agent/author
- agent/description
- agent/first-publish-date
- agent/tags
- agent/event
- vendor/axiosys
- canonical/axiosys bento4
- version/axiosys bento4/1.6.0-639