Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.3
CVSSv2

CVE-2013-0860

Published: 23/11/2013 Updated: 07/11/2023
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P
Subscribe to Ffmpeg

Vulnerability Summary

The ff_er_frame_end function in libavcodec/error_resilience.c in FFmpeg prior to 1.0.4 and 1.1.x prior to 1.1.1 does not properly verify that a frame is fully initialized, which allows remote malicious users to trigger a NULL pointer dereference via crafted picture data.

Vulnerable Product Search on Vulmon Subscribe to Product

ffmpeg ffmpeg 0.7.7

ffmpeg ffmpeg 0.7.1

ffmpeg ffmpeg 0.7.6

ffmpeg ffmpeg 0.4.5

ffmpeg ffmpeg 0.10.3

ffmpeg ffmpeg 0.3.2

ffmpeg ffmpeg 0.8.6

ffmpeg ffmpeg 0.4.7

ffmpeg ffmpeg 0.6.1

ffmpeg ffmpeg 0.3.3

ffmpeg ffmpeg 0.7.5

ffmpeg ffmpeg 0.5.4.6

ffmpeg ffmpeg 0.3

ffmpeg ffmpeg 0.4.2

ffmpeg ffmpeg 1.0

ffmpeg ffmpeg 0.5

ffmpeg ffmpeg 0.5.4

ffmpeg ffmpeg 0.9.1

ffmpeg ffmpeg 0.8.5.4

ffmpeg ffmpeg 0.8.5.3

ffmpeg ffmpeg 0.5.1

ffmpeg ffmpeg 0.8.5

ffmpeg ffmpeg 0.9

ffmpeg ffmpeg 0.3.1

ffmpeg ffmpeg 0.7.3

ffmpeg ffmpeg 0.4.9

ffmpeg ffmpeg 0.7.4

ffmpeg ffmpeg 0.8.0

ffmpeg ffmpeg 0.6

ffmpeg ffmpeg 0.5.3

ffmpeg ffmpeg 0.8.10

ffmpeg ffmpeg 0.4.4

ffmpeg ffmpeg 0.5.2

ffmpeg ffmpeg 0.4.6

ffmpeg ffmpeg 0.3.4

ffmpeg ffmpeg 0.7.8

ffmpeg ffmpeg 0.4.0

ffmpeg ffmpeg 0.6.2

ffmpeg ffmpeg 0.8.7

ffmpeg ffmpeg 1.0.1

ffmpeg ffmpeg 0.10.4

ffmpeg ffmpeg 0.7.9

ffmpeg ffmpeg 0.5.4.5

ffmpeg ffmpeg 0.11

ffmpeg ffmpeg 0.7

ffmpeg ffmpeg 1.1

ffmpeg ffmpeg 0.7.12

ffmpeg ffmpeg 0.8.1

ffmpeg ffmpeg 0.4.8

ffmpeg ffmpeg 0.4.3

ffmpeg ffmpeg 0.6.3

ffmpeg ffmpeg 0.8.11

ffmpeg ffmpeg

ffmpeg ffmpeg 0.10

ffmpeg ffmpeg 0.8.8

ffmpeg ffmpeg 0.8.2

ffmpeg ffmpeg 0.7.11

ffmpeg ffmpeg 0.7.2

ffmpeg ffmpeg 1.0.2

Vendor Advisories

Debian CVElist Bug Report Logs: libavcodec53: CVEs CVE-2013-0844 to CVE-2013-0874, CVE-2013-3670, CVE-2013-3672, CVE-2013-3674
Debian Bug report logs - #717009 libavcodec53: CVEs CVE-2013-0844 to CVE-2013-0874, CVE-2013-3670, CVE-2013-3672, CVE-2013-3674 Package: libavcodec53; Maintainer for libavcodec53 is (unknown); Reported by: Arne Wichmann <aw@linuxde> Date: Tue, 16 Jul 2013 00:21:02 UTC Severity: important Tags: security Found in version l ...

References

CWE-20http://git.videolan.org/?p=ffmpeg.git%3Ba=commitdiff%3Bh=68a0477bc0af026db971ddba22541029a9e8715bhttp://www.mandriva.com/security/advisories?name=MDVSA-2014:227http://www.ffmpeg.org/security.htmlhttps://security.gentoo.org/glsa/201603-06http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=3e196e4def03c7a91423803402f84d638d316c33https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=717009https://nvd.nist.gov
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4761command injectionCVE-2024-3676IDORCVE-2024-30039CVE-2024-32113CVE-2024-30049CVE-2024-4776SQL injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook