ID CVE-2021-3185
Summary A flaw was found in the gstreamer h264 component of gst-plugins-bad before v1.18.1 where when parsing a h264 header, an attacker could cause the stack to be smashed, memory corruption and possibly code execution.
References
Vulnerable Configurations
  • cpe:2.3:a:freedesktop:gst-plugins-bad:*:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:gst-plugins-bad:*:*:*:*:*:*:*:*
CVSS
Base: 7.5 (as of 25-04-2022 - 20:16)
Impact:
Exploitability:
CWE CWE-787
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:P/A:P
Last major update 25-04-2022 - 20:16
Published 26-01-2021 - 18:16
Last modified 25-04-2022 - 20:16
Back to Top