CVE-2026-28764
Received
Received - Intake
Heap-based Buffer Overflow in MediaInfoLib LXF Parser
Publication date: 2026-05-21
Last updated on: 2026-05-21
Assigner: Talos
Description
Description
MediaArea MediaInfoLib LXF element parsing heap-based buffer overflow vulnerability
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| mediaarea | mediainfolib | * |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-823 | The product performs pointer arithmetic on a valid pointer, but it uses an offset that can point outside of the intended range of valid memory locations for the resulting pointer. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a heap-based buffer overflow in the LXF element parsing functionality of MediaArea MediaInfoLib.
How can this vulnerability impact me? :
Exploitation of this vulnerability can lead to high impact consequences including complete compromise of confidentiality, integrity, and availability of the affected system.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70