fkie_cve-2014-5271
Vulnerability from fkie_nvd
Published
2014-11-03 16:55
Modified
2025-04-12 10:46
Severity ?
Summary
Heap-based buffer overflow in the encode_slice function in libavcodec/proresenc_kostya.c in FFMpeg before 1.1.14, 1.2.x before 1.2.8, 2.x before 2.2.7, and 2.3.x before 2.3.3 and Libav before 10.5 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via unspecified vectors.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AEBDCECF-B44E-415C-80ED-DB15332F7BFD",
"versionEndIncluding": "1.1.13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "192F65AB-99F2-4722-B1A2-737A87282447",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A3E30DB1-0CFC-4EAA-BF07-CE7551ABDCB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:1.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DBA7D745-DC16-43B9-8A2D-4D6944A6BFD0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:1.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "87A511A5-2040-433A-9B32-B89332214FA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:1.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0C01DD9C-98C9-4896-8D66-A8336582298B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:1.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "4B9BF628-8AE0-4D4A-9E9E-02C679B2BE3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:1.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "EE4D23F3-5D03-4192-B02B-F5D78420359B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:1.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "F82CFB87-303C-4009-81CB-124D34446E7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:1.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "68F87B18-B869-4608-81B8-DC30F3AEA728",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:1.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "5559F046-434D-4F9C-A6E2-F2E4196235BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:1.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "48216C77-CEDA-4F6B-8A24-1C22328AEEFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:1.1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "7F8A300D-1771-4160-B649-4DD31A522454",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:1.1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "6610C93A-059A-4151-A169-06CCF06D20AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BBE7723A-3D6B-4390-B82E-6A5A6992141A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1ED8FF93-5AA7-443C-BBDB-845736BB337B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:1.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F779F23A-5D19-414A-A0D4-1A1C12B2B268",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:1.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "90C18AE4-911C-4E59-AF0C-972CD20D8780",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:1.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E5204A44-FB87-4CD1-8923-CFA5784D78EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:1.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "C996BBC7-62F2-4100-A0C9-883DFF7C4593",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:1.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "48D7C541-CB05-423C-9810-CE7BFACB569D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A1337F5B-E9D9-4335-9E05-50018E59E530",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0B27C609-E4B4-41CD-B228-38267AA3A8AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C97DBEE2-AF4E-4C2D-A185-F2A1B965D9DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "FDEDAA24-D9E0-4384-B193-0C8814E4FDD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "40B0C71E-341A-434A-90AE-326097AC85E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E83D73FF-E6F6-4399-B721-6C6275C52B55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B70C00A9-3562-45AB-B494-3BA91B6AFC3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A30389D2-2873-4F15-B249-066B6D37AC23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0487928D-6630-4E23-BBA5-BED0A0F156B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C3088131-C48D-463B-8709-78A90EDE1FA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DADF01E6-CB58-4593-B444-A59232EE83CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "06442F70-22B4-49E5-B25B-92E03973B57E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9B08A7BE-7C98-4659-808F-86A8EB4676D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "CE9CF7C7-3730-43EC-B63E-B004D979E57A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "207DF654-326E-43A9-A5EC-BC239BF30422",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5B50AB2A-FA23-4BB0-AA21-724E770ADEFB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:libav:libav:*:*:*:*:*:*:*:*",
"matchCriteriaId": "037F40EC-D223-43E3-80A9-41FB66A114B2",
"versionEndIncluding": "10.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libav:libav:0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "F27FF9C0-652E-42E8-90D0-B9B369DD6C8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libav:libav:0.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "15F27211-2DFC-4488-93D2-9A3664E593AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libav:libav:0.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E6418D3A-9972-4819-B2E6-2510438698A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libav:libav:0.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DF17452C-ED28-4558-9C90-102DF5485103",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libav:libav:0.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "CECEC54E-7014-447C-9174-8C2B026FF0B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libav:libav:0.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "31BE32E4-9577-4BA7-A275-67A86DB7BCE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libav:libav:0.5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "16A3CC3F-C294-4DB3-97AE-1CFBED14A8AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libav:libav:0.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "8E252038-F5E0-427F-8E59-FFD633497D09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libav:libav:0.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "EEFE2D9C-406B-48FB-A810-9F1C2FB42484",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libav:libav:0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "ABD1BB7A-D6FF-4B80-9DA6-36D081FB41CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libav:libav:0.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "530C27CC-3250-4C94-8D88-F423FFD0BD4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libav:libav:0.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "936C1855-67FB-49C3-A20A-3FE331403366",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libav:libav:0.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "92EB185C-1909-4359-B0C1-681E4ABEEECF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libav:libav:0.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "136C7881-DB5A-4018-B01F-D2F9069F53D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libav:libav:0.6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "090BF77B-A099-4ECD-A9BC-AAD4B499F4C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libav:libav:0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "18053821-801F-4652-AA73-9FDC5F562BA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libav:libav:0.7:beta1:*:*:*:*:*:*",
"matchCriteriaId": "B8B20C36-FD4A-4DEB-B060-90C25440606F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libav:libav:0.7:beta2:*:*:*:*:*:*",
"matchCriteriaId": "3FB24BD2-D741-4790-89C5-133BF8AEB191",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libav:libav:0.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D5322AE7-8CAD-45EF-9955-37D16EBBDD40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libav:libav:0.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EFCDCA15-DF61-4150-96D7-10D68D07DAD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libav:libav:0.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C2D50C72-65B2-4490-9259-2A436207A72D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libav:libav:0.7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B3BCDD63-DECF-4494-BCA7-30BFEE7055D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libav:libav:0.7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "F3260A66-B1C9-42F0-841E-63FAB009F020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libav:libav:0.7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "A452FEA8-93B8-4A08-8E07-3FD72687AB1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libav:libav:0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "4953EC2E-BCD6-41B5-AEB3-0D82C15363A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libav:libav:0.8:beta2:*:*:*:*:*:*",
"matchCriteriaId": "3CEBE4E3-50F3-43CB-911F-E1B52C2B8B3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libav:libav:0.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "86038BA1-9B14-4F12-9D61-B106E70F855C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libav:libav:0.8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "84A42948-6239-4DEB-8BF0-39971D60207E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libav:libav:0.8.3:*:*:*:*:*:*:*",
"matchCriteriaId": "622D8D69-5FFB-4217-81B5-5FBC08A17C3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libav:libav:0.8.4:*:*:*:*:*:*:*",
"matchCriteriaId": "EBF6BD45-4143-4A45-B7AB-E3428A8BFB4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libav:libav:0.8.5:*:*:*:*:*:*:*",
"matchCriteriaId": "9D440FB2-C357-45B9-A4BA-B4AE8444ACC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libav:libav:0.8.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9E89124C-D0DE-494E-A86E-C8D5A60808E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libav:libav:0.8.7:*:*:*:*:*:*:*",
"matchCriteriaId": "43BFC27A-684F-4605-9272-6065CDD57098",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libav:libav:0.8.8:*:*:*:*:*:*:*",
"matchCriteriaId": "03543D1E-1601-4343-A9BA-19CAAFB34293",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libav:libav:0.8.9:*:*:*:*:*:*:*",
"matchCriteriaId": "D1078353-5E19-4470-8920-E7516D7F83D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libav:libav:0.8.10:*:*:*:*:*:*:*",
"matchCriteriaId": "3DFDAE74-395A-46FB-AC3E-23B4B564C409",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libav:libav:0.8.11:*:*:*:*:*:*:*",
"matchCriteriaId": "CBAF4097-22FD-4C89-B3DC-8B3485731DFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libav:libav:0.8.12:*:*:*:*:*:*:*",
"matchCriteriaId": "5E2DB2F5-F15C-46E8-B849-A62E3CB0D341",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libav:libav:10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "65F5C136-547E-4276-9F1D-50269CFCCDCB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libav:libav:10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A0D0EDE5-D07E-44DB-928F-D152A45DA5A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libav:libav:10.3:*:*:*:*:*:*:*",
"matchCriteriaId": "14B3AE25-BC95-4F18-A90C-2301942FCC27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in the encode_slice function in libavcodec/proresenc_kostya.c in FFMpeg before 1.1.14, 1.2.x before 1.2.8, 2.x before 2.2.7, and 2.3.x before 2.3.3 and Libav before 10.5 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via unspecified vectors."
},
{
"lang": "es",
"value": "Desbordamiento de buffer basado en memoria din\u00e1mica en la funci\u00f3n encode_slice en libavcodec/proresenc_kostya.c en FFMpeg anterior a 1.1.14, 1.2.x anterior a 1.2.8, 2.x anterior a 2.2.7, y 2.3.x anterior a 2.3.3 y Libav anterior a 10.5 permite a atacantes remotos causar una denegaci\u00f3n de servicio (ca\u00edda) o posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2014-5271",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-11-03T16:55:05.573",
"references": [
{
"source": "cve@mitre.org",
"url": "http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=52b81ff4635c077b2bc8b8d3637d933b6629d803"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/111725"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/69250"
},
{
"source": "cve@mitre.org",
"url": "https://security.gentoo.org/glsa/201603-06"
},
{
"source": "cve@mitre.org",
"url": "https://www.ffmpeg.org/security.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=52b81ff4635c077b2bc8b8d3637d933b6629d803"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/111725"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/69250"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201603-06"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.ffmpeg.org/security.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…