CVE-2021-32271 - An issue was discovered in gpac through 20200801. A stack-buffer-overflow exists in the function Dum

CVE-2021-32271

Summary

An issue was discovered in gpac through 20200801. A stack-buffer-overflow exists in the function DumpRawUIConfig located in odf_dump.c. It allows an attacker to cause code Execution.

References

https://github.com/gpac/gpac/issues/1575

Vulnerable Configurations

cpe:2.3:a:gpac:gpac:-:*:*:*:*:*:*:*
cpe:2.3:a:gpac:gpac:-:*:*:*:*:*:*:*
cpe:2.3:a:gpac:gpac:0.5.2:*:*:*:*:*:*:*
cpe:2.3:a:gpac:gpac:0.5.2:*:*:*:*:*:*:*
cpe:2.3:a:gpac:gpac:0.5.2:1.1.0-dev-rev1663-g881c6a94a-master:*:*:*:*:*:*
cpe:2.3:a:gpac:gpac:0.5.2:1.1.0-dev-rev1663-g881c6a94a-master:*:*:*:*:*:*
cpe:2.3:a:gpac:gpac:0.6.0:*:*:*:*:*:*:*
cpe:2.3:a:gpac:gpac:0.6.0:*:*:*:*:*:*:*
cpe:2.3:a:gpac:gpac:0.6.1:*:*:*:*:*:*:*
cpe:2.3:a:gpac:gpac:0.6.1:*:*:*:*:*:*:*
cpe:2.3:a:gpac:gpac:0.7.0:*:*:*:*:*:*:*
cpe:2.3:a:gpac:gpac:0.7.0:*:*:*:*:*:*:*
cpe:2.3:a:gpac:gpac:0.7.1:*:*:*:*:*:*:*
cpe:2.3:a:gpac:gpac:0.7.1:*:*:*:*:*:*:*
cpe:2.3:a:gpac:gpac:0.8.0:*:*:*:*:*:*:*
cpe:2.3:a:gpac:gpac:0.8.0:*:*:*:*:*:*:*
cpe:2.3:a:gpac:gpac:0.9.0:*:*:*:*:*:*:*
cpe:2.3:a:gpac:gpac:0.9.0:*:*:*:*:*:*:*
cpe:2.3:a:gpac:gpac:0.9.0-development-20191109:*:*:*:*:*:*:*
cpe:2.3:a:gpac:gpac:0.9.0-development-20191109:*:*:*:*:*:*:*
cpe:2.3:a:gpac:gpac:1.0:*:*:*:*:*:*:*
cpe:2.3:a:gpac:gpac:1.0:*:*:*:*:*:*:*
cpe:2.3:a:gpac:gpac:1.0.1:*:*:*:*:*:*:*
cpe:2.3:a:gpac:gpac:1.0.1:*:*:*:*:*:*:*

CVSS

Base:	6.8 (as of 05-05-2023 - 19:44)
Impact:
Exploitability:

CWE

CWE-787

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	MEDIUM	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:N/AC:M/Au:N/C:P/I:P/A:P

Last major update

05-05-2023 - 19:44

Published

20-09-2021 - 16:15

Last modified

05-05-2023 - 19:44