Published: 05/11/2014 Updated: 07/11/2023

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 668

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

libavcodec/utils.c in FFmpeg prior to 2.4.2 omits a certain codec ID during enforcement of alignment, which allows remote malicious users to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via crafted JV data.

Vulnerable Product	Search on Vulmon	Subscribe to Product
ffmpeg ffmpeg
canonical ubuntu linux 12.04
debian debian linux 8.0

Libav could be made to crash or run programs as your login if it opened a specially crafted file ...

Debian Bug report logs - #773626 libav: multiple security issues Package: src:libav; Maintainer for src:libav is Debian Multimedia Maintainers <pkg-multimedia-maintainers@listsaliothdebianorg>; Reported by: Michael Gilbert <mgilbert@debianorg> Date: Sun, 21 Dec 2014 04:33:01 UTC Severity: serious Tags: fixed-upst ...

Debian Bug report logs - #775593 libav: CVE-2014-{8544,8546,9316,9318,9319} Package: src:libav; Maintainer for src:libav is Debian Multimedia Maintainers <pkg-multimedia-maintainers@listsaliothdebianorg>; Reported by: Michael Gilbert <mgilbert@debianorg> Date: Sun, 21 Dec 2014 04:33:01 UTC Severity: important Tag ...

CWE-119 http://www.ffmpeg.org/security.html http://www.ubuntu.com/usn/USN-2534-1 https://security.gentoo.org/glsa/201603-06 https://lists.debian.org/debian-lts-announce/2019/02/msg00005.html http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=105654e376a736d243aef4a1d121abebce912e6b https://usn.ubuntu.com/2534-1/https://nvd.nist.gov

CVE-2014-8542

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect