CVE-2023-43519

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Feb 6, 2024

Updated: Apr 12, 2024

CWE ID 120

Summary

CVE-2023-43519 is a memory corruption vulnerability that affects video parsing. The issue arises when the size of an atom in a Videoinfo structure exceeds the size of the Videoinfo itself. This can result in unintended changes to memory, potentially leading to arbitrary code execution or a denial of service. Attackers could exploit this flaw by crafting specially formatted video files to trigger the memory corruption, allowing them to execute malicious code or cause the application to crash. It is recommended that affected systems be updated with the appropriate patch to mitigate this vulnerability.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/suzT5N
https://www.cve.org/CVERecord?id=CVE-2023-43519
https://nvd.nist.gov/vuln/detail/CVE-2023-43519

Back to Vulnerability Database

CVE-2023-43519

CVSS 3.1 Score 9.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations