Published: 16/01/2015 Updated: 07/11/2023

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 668

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

libavcodec/utvideodec.c in FFmpeg prior to 2.5.2 does not check for a zero value of a slice height, which allows remote malicious users to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted Ut Video data, related to the (1) restore_median and (2) restore_median_il functions.

Vulnerable Product	Search on Vulmon	Subscribe to Product
ffmpeg ffmpeg
canonical ubuntu linux 12.04

Debian Bug report logs - #775593 libav: CVE-2014-{8544,8546,9316,9318,9319} Package: src:libav; Maintainer for src:libav is Debian Multimedia Maintainers <pkg-multimedia-maintainers@listsaliothdebianorg>; Reported by: Michael Gilbert <mgilbert@debianorg> Date: Sun, 21 Dec 2014 04:33:01 UTC Severity: important Tag ...

Libav could be made to crash or run programs as your login if it opened a specially crafted file ...

Several security issues have been corrected in multiple demuxers and decoders of the libav multimedia library A full list of the changes is available at gitlibavorg/?p=libavgit;a=blob;f=Changelog;hb=refs/tags/v0817 For the stable distribution (wheezy), these problems have been fixed in version 6:0817-1 For the unstable distribution ...

CWE-189 http://www.ubuntu.com/usn/USN-2534-1 https://security.gentoo.org/glsa/201603-06 http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=3881606240953b9275a247a1c98a567f3c44890f https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775593 https://usn.ubuntu.com/2534-1/https://nvd.nist.gov

CVE-2014-9604

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect