Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.8
CVSSv2

CVE-2015-3395

Published: 16/06/2015 Updated: 07/11/2023
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
VMScore: 605
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Subscribe to Canonical

Vulnerability Summary

The msrle_decode_pal4 function in msrledec.c in Libav prior to 10.7 and 11.x prior to 11.4 and FFmpeg prior to 2.0.7, 2.2.x prior to 2.2.15, 2.4.x prior to 2.4.8, 2.5.x prior to 2.5.6, and 2.6.x prior to 2.6.2 allows remote malicious users to have unspecified impact via a crafted image, related to a pixel pointer, which triggers an out-of-bounds array access.

Vulnerable Product Search on Vulmon Subscribe to Product

canonical ubuntu linux 12.04

ffmpeg ffmpeg 2.2.12

ffmpeg ffmpeg 2.2.8

ffmpeg ffmpeg 2.4.4

ffmpeg ffmpeg 2.5.0

ffmpeg ffmpeg 2.4.1

ffmpeg ffmpeg 2.2.4

ffmpeg ffmpeg 2.2.6

ffmpeg ffmpeg 2.2.3

ffmpeg ffmpeg 2.4.6

ffmpeg ffmpeg 2.6.0

ffmpeg ffmpeg 2.5.4

ffmpeg ffmpeg 2.2.1

ffmpeg ffmpeg 2.4.3

ffmpeg ffmpeg 2.2.14

ffmpeg ffmpeg 2.5.5

ffmpeg ffmpeg 2.4.7

ffmpeg ffmpeg 2.4.2

ffmpeg ffmpeg 2.4.5

ffmpeg ffmpeg 2.2.9

ffmpeg ffmpeg 2.2.11

ffmpeg ffmpeg 2.5.3

ffmpeg ffmpeg 2.2.10

ffmpeg ffmpeg 2.2.0

ffmpeg ffmpeg 2.2.13

ffmpeg ffmpeg 2.6.1

ffmpeg ffmpeg 2.0.6

ffmpeg ffmpeg 2.2.7

ffmpeg ffmpeg 2.5.1

ffmpeg ffmpeg 2.4.0

ffmpeg ffmpeg 2.2.5

ffmpeg ffmpeg 2.2.2

ffmpeg ffmpeg 2.5.2

libav libav

libav libav 11.1

libav libav 11.3

libav libav 11.0

libav libav 11.2

Vendor Advisories

Ubuntu Security Notice: libav vulnerabilities
Libav could be made to crash or run programs as your login if it opened a specially crafted file ...
Debian Security Advisories: DSA-3288-1 libav -- security update
Several security issues have been corrected in multiple demuxers and decoders of the libav multimedia library A full list of the changes is available at gitlibavorg/?p=libavgit;a=blob;f=Changelog;hb=refs/tags/v114 For the stable distribution (jessie), these problems have been fixed in version 6:114-1~deb8u1 For the testing distribut ...

References

CWE-119http://www.debian.org/security/2015/dsa-3288https://www.ffmpeg.org/security.htmlhttp://www.ubuntu.com/usn/USN-2944-1http://www.securityfocus.com/bid/74433https://security.gentoo.org/glsa/201603-06https://security.gentoo.org/glsa/201705-08https://git.libav.org/?p=libav.git%3Ba=blob%3Bf=Changelog%3Bhb=refs/tags/v11.4http://git.videolan.org/?p=ffmpeg.git%3Ba=commitdiff%3Bh=f7e1367f58263593e6cee3c282f7277d7ee9d553https://nvd.nist.govhttps://usn.ubuntu.com/2944-1/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypassCVE-2024-30051remoteCVE-2024-27954CVE-2023-51483CVE-2023-47782SSRFCVE-2024-24715CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook