Vulnerability Details CVE-2019-11222
gf_bin128_parse in utils/os_divers.c in GPAC 0.7.1 has a buffer overflow issue for the crypt feature when encountering a crafted_drm_file.xml file.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 63.0%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 6.8
References
- https://github.com/gpac/gpac/commit/f3698bb1bce62402805c3fda96551a23101a32f9
- https://github.com/gpac/gpac/issues/1204
- https://github.com/gpac/gpac/issues/1205
- https://lists.debian.org/debian-lts-announce/2019/04/msg00025.html
- https://github.com/gpac/gpac/commit/f3698bb1bce62402805c3fda96551a23101a32f9
- https://github.com/gpac/gpac/issues/1204
- https://github.com/gpac/gpac/issues/1205
- https://lists.debian.org/debian-lts-announce/2019/04/msg00025.html
Products affected by CVE-2019-11222
-
cpe:2.3:a:gpac:gpac:0.7.1
-
cpe:2.3:o:debian:debian_linux:8.0