csaf_opensuse - opensuse-su-2024:10926-1

opensuse-su-2024:10926-1

Vulnerability from csaf_opensuse

Published

2024-06-15 00:00

Modified

2024-06-15 00:00

Summary

libav-tools-12.3-1.17 on GA media

Notes

Title of the patch

libav-tools-12.3-1.17 on GA media

Description of the patch

These are all security issues fixed in the libav-tools-12.3-1.17 package on the GA media of openSUSE Tumbleweed.

Patchnames

openSUSE-Tumbleweed-2024-10926

CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "libav-tools-12.3-1.17 on GA media",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "These are all security issues fixed in the libav-tools-12.3-1.17 package on the GA media of openSUSE Tumbleweed.",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "openSUSE-Tumbleweed-2024-10926",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_10926-1.json"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2011-3946 page",
        "url": "https://www.suse.com/security/cve/CVE-2011-3946/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2012-6618 page",
        "url": "https://www.suse.com/security/cve/CVE-2012-6618/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-0851 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-0851/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-0852 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-0852/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-0868 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-0868/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-7010 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-7010/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2014-8544 page",
        "url": "https://www.suse.com/security/cve/CVE-2014-8544/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2014-9604 page",
        "url": "https://www.suse.com/security/cve/CVE-2014-9604/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-3395 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-3395/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-3417 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-3417/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-5479 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-5479/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-3062 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-3062/"
      }
    ],
    "title": "libav-tools-12.3-1.17 on GA media",
    "tracking": {
      "current_release_date": "2024-06-15T00:00:00Z",
      "generator": {
        "date": "2024-06-15T00:00:00Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "openSUSE-SU-2024:10926-1",
      "initial_release_date": "2024-06-15T00:00:00Z",
      "revision_history": [
        {
          "date": "2024-06-15T00:00:00Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libav-tools-12.3-1.17.aarch64",
                "product": {
                  "name": "libav-tools-12.3-1.17.aarch64",
                  "product_id": "libav-tools-12.3-1.17.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libav-tools-12.3-1.17.ppc64le",
                "product": {
                  "name": "libav-tools-12.3-1.17.ppc64le",
                  "product_id": "libav-tools-12.3-1.17.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libav-tools-12.3-1.17.s390x",
                "product": {
                  "name": "libav-tools-12.3-1.17.s390x",
                  "product_id": "libav-tools-12.3-1.17.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libav-tools-12.3-1.17.x86_64",
                "product": {
                  "name": "libav-tools-12.3-1.17.x86_64",
                  "product_id": "libav-tools-12.3-1.17.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "openSUSE Tumbleweed",
                "product": {
                  "name": "openSUSE Tumbleweed",
                  "product_id": "openSUSE Tumbleweed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:tumbleweed"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libav-tools-12.3-1.17.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libav-tools-12.3-1.17.aarch64"
        },
        "product_reference": "libav-tools-12.3-1.17.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libav-tools-12.3-1.17.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libav-tools-12.3-1.17.ppc64le"
        },
        "product_reference": "libav-tools-12.3-1.17.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libav-tools-12.3-1.17.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libav-tools-12.3-1.17.s390x"
        },
        "product_reference": "libav-tools-12.3-1.17.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libav-tools-12.3-1.17.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libav-tools-12.3-1.17.x86_64"
        },
        "product_reference": "libav-tools-12.3-1.17.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2011-3946",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2011-3946"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The ff_h264_decode_sei function in libavcodec/h264_sei.c in FFmpeg before 0.10 allows remote attackers to have an unspecified impact via crafted Supplemental enhancement information (SEI) data, which triggers an infinite loop.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:libav-tools-12.3-1.17.aarch64",
          "openSUSE Tumbleweed:libav-tools-12.3-1.17.ppc64le",
          "openSUSE Tumbleweed:libav-tools-12.3-1.17.s390x",
          "openSUSE Tumbleweed:libav-tools-12.3-1.17.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2011-3946",
          "url": "https://www.suse.com/security/cve/CVE-2011-3946"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:libav-tools-12.3-1.17.aarch64",
            "openSUSE Tumbleweed:libav-tools-12.3-1.17.ppc64le",
            "openSUSE Tumbleweed:libav-tools-12.3-1.17.s390x",
            "openSUSE Tumbleweed:libav-tools-12.3-1.17.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2011-3946"
    },
    {
      "cve": "CVE-2012-6618",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2012-6618"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The av_probe_input_buffer function in libavformat/utils.c in FFmpeg before 1.0.2, when running with certain -probesize values, allows remote attackers to cause a denial of service (crash) via a crafted MP3 file, possibly related to frame size or lack of sufficient \"frames to estimate rate.\"",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:libav-tools-12.3-1.17.aarch64",
          "openSUSE Tumbleweed:libav-tools-12.3-1.17.ppc64le",
          "openSUSE Tumbleweed:libav-tools-12.3-1.17.s390x",
          "openSUSE Tumbleweed:libav-tools-12.3-1.17.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2012-6618",
          "url": "https://www.suse.com/security/cve/CVE-2012-6618"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:libav-tools-12.3-1.17.aarch64",
            "openSUSE Tumbleweed:libav-tools-12.3-1.17.ppc64le",
            "openSUSE Tumbleweed:libav-tools-12.3-1.17.s390x",
            "openSUSE Tumbleweed:libav-tools-12.3-1.17.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "low"
        }
      ],
      "title": "CVE-2012-6618"
    },
    {
      "cve": "CVE-2013-0851",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-0851"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The decode_frame function in libavcodec/eamad.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via crafted Electronic Arts Madcow video data, which triggers an out-of-bounds array access.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:libav-tools-12.3-1.17.aarch64",
          "openSUSE Tumbleweed:libav-tools-12.3-1.17.ppc64le",
          "openSUSE Tumbleweed:libav-tools-12.3-1.17.s390x",
          "openSUSE Tumbleweed:libav-tools-12.3-1.17.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-0851",
          "url": "https://www.suse.com/security/cve/CVE-2013-0851"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:libav-tools-12.3-1.17.aarch64",
            "openSUSE Tumbleweed:libav-tools-12.3-1.17.ppc64le",
            "openSUSE Tumbleweed:libav-tools-12.3-1.17.s390x",
            "openSUSE Tumbleweed:libav-tools-12.3-1.17.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2013-0851"
    },
    {
      "cve": "CVE-2013-0852",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-0852"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The parse_picture_segment function in libavcodec/pgssubdec.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via crafted RLE data, which triggers an out-of-bounds array access.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:libav-tools-12.3-1.17.aarch64",
          "openSUSE Tumbleweed:libav-tools-12.3-1.17.ppc64le",
          "openSUSE Tumbleweed:libav-tools-12.3-1.17.s390x",
          "openSUSE Tumbleweed:libav-tools-12.3-1.17.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-0852",
          "url": "https://www.suse.com/security/cve/CVE-2013-0852"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:libav-tools-12.3-1.17.aarch64",
            "openSUSE Tumbleweed:libav-tools-12.3-1.17.ppc64le",
            "openSUSE Tumbleweed:libav-tools-12.3-1.17.s390x",
            "openSUSE Tumbleweed:libav-tools-12.3-1.17.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2013-0852"
    },
    {
      "cve": "CVE-2013-0868",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-0868"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "libavcodec/huffyuvdec.c in FFmpeg before 1.1.2 allows remote attackers to have an unspecified impact via crafted Huffyuv data, related to an out-of-bounds write and (1) unchecked return codes from the init_vlc function and (2) \"len==0 cases.\"",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:libav-tools-12.3-1.17.aarch64",
          "openSUSE Tumbleweed:libav-tools-12.3-1.17.ppc64le",
          "openSUSE Tumbleweed:libav-tools-12.3-1.17.s390x",
          "openSUSE Tumbleweed:libav-tools-12.3-1.17.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-0868",
          "url": "https://www.suse.com/security/cve/CVE-2013-0868"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1189142 for CVE-2013-0868",
          "url": "https://bugzilla.suse.com/1189142"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:libav-tools-12.3-1.17.aarch64",
            "openSUSE Tumbleweed:libav-tools-12.3-1.17.ppc64le",
            "openSUSE Tumbleweed:libav-tools-12.3-1.17.s390x",
            "openSUSE Tumbleweed:libav-tools-12.3-1.17.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2013-0868"
    },
    {
      "cve": "CVE-2013-7010",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-7010"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Multiple integer signedness errors in libavcodec/dsputil.c in FFmpeg before 2.1 allow remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted data.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:libav-tools-12.3-1.17.aarch64",
          "openSUSE Tumbleweed:libav-tools-12.3-1.17.ppc64le",
          "openSUSE Tumbleweed:libav-tools-12.3-1.17.s390x",
          "openSUSE Tumbleweed:libav-tools-12.3-1.17.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-7010",
          "url": "https://www.suse.com/security/cve/CVE-2013-7010"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:libav-tools-12.3-1.17.aarch64",
            "openSUSE Tumbleweed:libav-tools-12.3-1.17.ppc64le",
            "openSUSE Tumbleweed:libav-tools-12.3-1.17.s390x",
            "openSUSE Tumbleweed:libav-tools-12.3-1.17.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2013-7010"
    },
    {
      "cve": "CVE-2014-8544",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2014-8544"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "libavcodec/tiff.c in FFmpeg before 2.4.2 does not properly validate bits-per-pixel fields, which allows remote attackers to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via crafted TIFF data.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:libav-tools-12.3-1.17.aarch64",
          "openSUSE Tumbleweed:libav-tools-12.3-1.17.ppc64le",
          "openSUSE Tumbleweed:libav-tools-12.3-1.17.s390x",
          "openSUSE Tumbleweed:libav-tools-12.3-1.17.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2014-8544",
          "url": "https://www.suse.com/security/cve/CVE-2014-8544"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:libav-tools-12.3-1.17.aarch64",
            "openSUSE Tumbleweed:libav-tools-12.3-1.17.ppc64le",
            "openSUSE Tumbleweed:libav-tools-12.3-1.17.s390x",
            "openSUSE Tumbleweed:libav-tools-12.3-1.17.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2014-8544"
    },
    {
      "cve": "CVE-2014-9604",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2014-9604"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "libavcodec/utvideodec.c in FFmpeg before 2.5.2 does not check for a zero value of a slice height, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted Ut Video data, related to the (1) restore_median and (2) restore_median_il functions.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:libav-tools-12.3-1.17.aarch64",
          "openSUSE Tumbleweed:libav-tools-12.3-1.17.ppc64le",
          "openSUSE Tumbleweed:libav-tools-12.3-1.17.s390x",
          "openSUSE Tumbleweed:libav-tools-12.3-1.17.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2014-9604",
          "url": "https://www.suse.com/security/cve/CVE-2014-9604"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:libav-tools-12.3-1.17.aarch64",
            "openSUSE Tumbleweed:libav-tools-12.3-1.17.ppc64le",
            "openSUSE Tumbleweed:libav-tools-12.3-1.17.s390x",
            "openSUSE Tumbleweed:libav-tools-12.3-1.17.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2014-9604"
    },
    {
      "cve": "CVE-2015-3395",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-3395"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The msrle_decode_pal4 function in msrledec.c in Libav before 10.7 and 11.x before 11.4 and FFmpeg before 2.0.7, 2.2.x before 2.2.15, 2.4.x before 2.4.8, 2.5.x before 2.5.6, and 2.6.x before 2.6.2 allows remote attackers to have unspecified impact via a crafted image, related to a pixel pointer, which triggers an out-of-bounds array access.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:libav-tools-12.3-1.17.aarch64",
          "openSUSE Tumbleweed:libav-tools-12.3-1.17.ppc64le",
          "openSUSE Tumbleweed:libav-tools-12.3-1.17.s390x",
          "openSUSE Tumbleweed:libav-tools-12.3-1.17.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-3395",
          "url": "https://www.suse.com/security/cve/CVE-2015-3395"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 931216 for CVE-2015-3395",
          "url": "https://bugzilla.suse.com/931216"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:libav-tools-12.3-1.17.aarch64",
            "openSUSE Tumbleweed:libav-tools-12.3-1.17.ppc64le",
            "openSUSE Tumbleweed:libav-tools-12.3-1.17.s390x",
            "openSUSE Tumbleweed:libav-tools-12.3-1.17.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2015-3395"
    },
    {
      "cve": "CVE-2015-3417",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-3417"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use-after-free vulnerability in the ff_h264_free_tables function in libavcodec/h264.c in FFmpeg before 2.3.6 allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted H.264 data in an MP4 file, as demonstrated by an HTML VIDEO element that references H.264 data.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:libav-tools-12.3-1.17.aarch64",
          "openSUSE Tumbleweed:libav-tools-12.3-1.17.ppc64le",
          "openSUSE Tumbleweed:libav-tools-12.3-1.17.s390x",
          "openSUSE Tumbleweed:libav-tools-12.3-1.17.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-3417",
          "url": "https://www.suse.com/security/cve/CVE-2015-3417"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:libav-tools-12.3-1.17.aarch64",
            "openSUSE Tumbleweed:libav-tools-12.3-1.17.ppc64le",
            "openSUSE Tumbleweed:libav-tools-12.3-1.17.s390x",
            "openSUSE Tumbleweed:libav-tools-12.3-1.17.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2015-3417"
    },
    {
      "cve": "CVE-2015-5479",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-5479"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The ff_h263_decode_mba function in libavcodec/ituh263dec.c in Libav before 11.5 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a file with crafted dimensions.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:libav-tools-12.3-1.17.aarch64",
          "openSUSE Tumbleweed:libav-tools-12.3-1.17.ppc64le",
          "openSUSE Tumbleweed:libav-tools-12.3-1.17.s390x",
          "openSUSE Tumbleweed:libav-tools-12.3-1.17.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-5479",
          "url": "https://www.suse.com/security/cve/CVE-2015-5479"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 949760 for CVE-2015-5479",
          "url": "https://bugzilla.suse.com/949760"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:libav-tools-12.3-1.17.aarch64",
            "openSUSE Tumbleweed:libav-tools-12.3-1.17.ppc64le",
            "openSUSE Tumbleweed:libav-tools-12.3-1.17.s390x",
            "openSUSE Tumbleweed:libav-tools-12.3-1.17.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:libav-tools-12.3-1.17.aarch64",
            "openSUSE Tumbleweed:libav-tools-12.3-1.17.ppc64le",
            "openSUSE Tumbleweed:libav-tools-12.3-1.17.s390x",
            "openSUSE Tumbleweed:libav-tools-12.3-1.17.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2015-5479"
    },
    {
      "cve": "CVE-2016-3062",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-3062"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The mov_read_dref function in libavformat/mov.c in Libav before 11.7 and FFmpeg before 0.11 allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via the entries value in a dref box in an MP4 file.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:libav-tools-12.3-1.17.aarch64",
          "openSUSE Tumbleweed:libav-tools-12.3-1.17.ppc64le",
          "openSUSE Tumbleweed:libav-tools-12.3-1.17.s390x",
          "openSUSE Tumbleweed:libav-tools-12.3-1.17.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-3062",
          "url": "https://www.suse.com/security/cve/CVE-2016-3062"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 984487 for CVE-2016-3062",
          "url": "https://bugzilla.suse.com/984487"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:libav-tools-12.3-1.17.aarch64",
            "openSUSE Tumbleweed:libav-tools-12.3-1.17.ppc64le",
            "openSUSE Tumbleweed:libav-tools-12.3-1.17.s390x",
            "openSUSE Tumbleweed:libav-tools-12.3-1.17.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:libav-tools-12.3-1.17.aarch64",
            "openSUSE Tumbleweed:libav-tools-12.3-1.17.ppc64le",
            "openSUSE Tumbleweed:libav-tools-12.3-1.17.s390x",
            "openSUSE Tumbleweed:libav-tools-12.3-1.17.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2016-3062"
    }
  ]
}

CVE-2016-3062 (GCVE-0-2016-3062)

Vulnerability from cvelistv5

Published

2016-06-16 18:00

Modified

2024-08-05 23:40

Severity ?

CWE

Summary

The mov_read_dref function in libavformat/mov.c in Libav before 11.7 and FFmpeg before 0.11 allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via the entries value in a dref box in an MP4 file.

References

►

URL

Tags

	http://lists.opensuse.org/opensuse-updates/2016-06/msg00105.html	vendor-advisory, x_refsource_SUSE
	https://security.gentoo.org/glsa/201705-08	vendor-advisory, x_refsource_GENTOO
	https://git.libav.org/?p=libav.git%3Ba=commit%3Bh=7e01d48cfd168c3dfc663f03a3b6a98e0ecba328	x_refsource_CONFIRM
	http://www.debian.org/security/2016/dsa-3603	vendor-advisory, x_refsource_DEBIAN
	https://bugzilla.libav.org/show_bug.cgi?id=929	x_refsource_CONFIRM
	https://github.com/FFmpeg/FFmpeg/commit/689e59b7ffed34eba6159dcc78e87133862e3746	x_refsource_CONFIRM
	https://libav.org/releases/libav-11.7.changelog	x_refsource_CONFIRM
	https://ffmpeg.org/security.html	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T23:40:15.226Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "openSUSE-SU-2016:1685",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2016-06/msg00105.html"
          },
          {
            "name": "GLSA-201705-08",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201705-08"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://git.libav.org/?p=libav.git%3Ba=commit%3Bh=7e01d48cfd168c3dfc663f03a3b6a98e0ecba328"
          },
          {
            "name": "DSA-3603",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2016/dsa-3603"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.libav.org/show_bug.cgi?id=929"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/FFmpeg/FFmpeg/commit/689e59b7ffed34eba6159dcc78e87133862e3746"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://libav.org/releases/libav-11.7.changelog"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://ffmpeg.org/security.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-05-25T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The mov_read_dref function in libavformat/mov.c in Libav before 11.7 and FFmpeg before 0.11 allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via the entries value in a dref box in an MP4 file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-06-30T16:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "openSUSE-SU-2016:1685",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2016-06/msg00105.html"
        },
        {
          "name": "GLSA-201705-08",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201705-08"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://git.libav.org/?p=libav.git%3Ba=commit%3Bh=7e01d48cfd168c3dfc663f03a3b6a98e0ecba328"
        },
        {
          "name": "DSA-3603",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2016/dsa-3603"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.libav.org/show_bug.cgi?id=929"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/FFmpeg/FFmpeg/commit/689e59b7ffed34eba6159dcc78e87133862e3746"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://libav.org/releases/libav-11.7.changelog"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://ffmpeg.org/security.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2016-3062",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The mov_read_dref function in libavformat/mov.c in Libav before 11.7 and FFmpeg before 0.11 allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via the entries value in a dref box in an MP4 file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "openSUSE-SU-2016:1685",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-updates/2016-06/msg00105.html"
            },
            {
              "name": "GLSA-201705-08",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201705-08"
            },
            {
              "name": "https://git.libav.org/?p=libav.git;a=commit;h=7e01d48cfd168c3dfc663f03a3b6a98e0ecba328",
              "refsource": "CONFIRM",
              "url": "https://git.libav.org/?p=libav.git;a=commit;h=7e01d48cfd168c3dfc663f03a3b6a98e0ecba328"
            },
            {
              "name": "DSA-3603",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2016/dsa-3603"
            },
            {
              "name": "https://bugzilla.libav.org/show_bug.cgi?id=929",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.libav.org/show_bug.cgi?id=929"
            },
            {
              "name": "https://github.com/FFmpeg/FFmpeg/commit/689e59b7ffed34eba6159dcc78e87133862e3746",
              "refsource": "CONFIRM",
              "url": "https://github.com/FFmpeg/FFmpeg/commit/689e59b7ffed34eba6159dcc78e87133862e3746"
            },
            {
              "name": "https://libav.org/releases/libav-11.7.changelog",
              "refsource": "CONFIRM",
              "url": "https://libav.org/releases/libav-11.7.changelog"
            },
            {
              "name": "https://ffmpeg.org/security.html",
              "refsource": "CONFIRM",
              "url": "https://ffmpeg.org/security.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2016-3062",
    "datePublished": "2016-06-16T18:00:00",
    "dateReserved": "2016-03-09T00:00:00",
    "dateUpdated": "2024-08-05T23:40:15.226Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2013-7010 (GCVE-0-2013-7010)

Vulnerability from cvelistv5

Published

2013-12-09 11:00

Modified

2024-08-06 17:53

Severity ?

CWE

Summary

Multiple integer signedness errors in libavcodec/dsputil.c in FFmpeg before 2.1 allow remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted data.

References

►

URL

Tags

	http://www.debian.org/security/2014/dsa-2855	vendor-advisory, x_refsource_DEBIAN
	https://security.gentoo.org/glsa/201603-06	vendor-advisory, x_refsource_GENTOO
	http://ffmpeg.org/security.html	x_refsource_CONFIRM
	http://openwall.com/lists/oss-security/2013/12/08/3	mailing-list, x_refsource_MLIST
	https://github.com/FFmpeg/FFmpeg/commit/454a11a1c9c686c78aa97954306fb63453299760	x_refsource_CONFIRM
	http://git.libav.org/?p=libav.git%3Ba=blob%3Bf=Changelog%3Bhb=refs/tags/v9.11	x_refsource_CONFIRM
	http://openwall.com/lists/oss-security/2013/11/26/7	mailing-list, x_refsource_MLIST

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T17:53:46.001Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "DSA-2855",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2014/dsa-2855"
          },
          {
            "name": "GLSA-201603-06",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201603-06"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://ffmpeg.org/security.html"
          },
          {
            "name": "[oss-security] 20131208 Re: CVE Request: FFmpeg 2.1 multiple problems",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2013/12/08/3"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/FFmpeg/FFmpeg/commit/454a11a1c9c686c78aa97954306fb63453299760"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.libav.org/?p=libav.git%3Ba=blob%3Bf=Changelog%3Bhb=refs/tags/v9.11"
          },
          {
            "name": "[oss-security] 20131126 CVE Request: FFmpeg 2.1 multiple problems",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2013/11/26/7"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2013-11-26T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple integer signedness errors in libavcodec/dsputil.c in FFmpeg before 2.1 allow remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted data."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-12-01T15:57:02",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "DSA-2855",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2014/dsa-2855"
        },
        {
          "name": "GLSA-201603-06",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201603-06"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://ffmpeg.org/security.html"
        },
        {
          "name": "[oss-security] 20131208 Re: CVE Request: FFmpeg 2.1 multiple problems",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2013/12/08/3"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/FFmpeg/FFmpeg/commit/454a11a1c9c686c78aa97954306fb63453299760"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.libav.org/?p=libav.git%3Ba=blob%3Bf=Changelog%3Bhb=refs/tags/v9.11"
        },
        {
          "name": "[oss-security] 20131126 CVE Request: FFmpeg 2.1 multiple problems",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2013/11/26/7"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2013-7010",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple integer signedness errors in libavcodec/dsputil.c in FFmpeg before 2.1 allow remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted data."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "DSA-2855",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2014/dsa-2855"
            },
            {
              "name": "GLSA-201603-06",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201603-06"
            },
            {
              "name": "http://ffmpeg.org/security.html",
              "refsource": "CONFIRM",
              "url": "http://ffmpeg.org/security.html"
            },
            {
              "name": "[oss-security] 20131208 Re: CVE Request: FFmpeg 2.1 multiple problems",
              "refsource": "MLIST",
              "url": "http://openwall.com/lists/oss-security/2013/12/08/3"
            },
            {
              "name": "https://github.com/FFmpeg/FFmpeg/commit/454a11a1c9c686c78aa97954306fb63453299760",
              "refsource": "CONFIRM",
              "url": "https://github.com/FFmpeg/FFmpeg/commit/454a11a1c9c686c78aa97954306fb63453299760"
            },
            {
              "name": "http://git.libav.org/?p=libav.git;a=blob;f=Changelog;hb=refs/tags/v9.11",
              "refsource": "CONFIRM",
              "url": "http://git.libav.org/?p=libav.git;a=blob;f=Changelog;hb=refs/tags/v9.11"
            },
            {
              "name": "[oss-security] 20131126 CVE Request: FFmpeg 2.1 multiple problems",
              "refsource": "MLIST",
              "url": "http://openwall.com/lists/oss-security/2013/11/26/7"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2013-7010",
    "datePublished": "2013-12-09T11:00:00",
    "dateReserved": "2013-12-08T00:00:00",
    "dateUpdated": "2024-08-06T17:53:46.001Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2014-9604 (GCVE-0-2014-9604)

Vulnerability from cvelistv5

Published

2015-01-16 20:00

Modified

2024-08-06 13:47

Severity ?

CWE

Summary

libavcodec/utvideodec.c in FFmpeg before 2.5.2 does not check for a zero value of a slice height, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted Ut Video data, related to the (1) restore_median and (2) restore_median_il functions.

References

►

URL

Tags

	http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=3881606240953b9275a247a1c98a567f3c44890f	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-2534-1	vendor-advisory, x_refsource_UBUNTU
	https://security.gentoo.org/glsa/201603-06	vendor-advisory, x_refsource_GENTOO

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T13:47:41.664Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=3881606240953b9275a247a1c98a567f3c44890f"
          },
          {
            "name": "USN-2534-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2534-1"
          },
          {
            "name": "GLSA-201603-06",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201603-06"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-12-16T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "libavcodec/utvideodec.c in FFmpeg before 2.5.2 does not check for a zero value of a slice height, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted Ut Video data, related to the (1) restore_median and (2) restore_median_il functions."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-12-01T15:57:02",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=3881606240953b9275a247a1c98a567f3c44890f"
        },
        {
          "name": "USN-2534-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2534-1"
        },
        {
          "name": "GLSA-201603-06",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201603-06"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-9604",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "libavcodec/utvideodec.c in FFmpeg before 2.5.2 does not check for a zero value of a slice height, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted Ut Video data, related to the (1) restore_median and (2) restore_median_il functions."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=3881606240953b9275a247a1c98a567f3c44890f",
              "refsource": "CONFIRM",
              "url": "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=3881606240953b9275a247a1c98a567f3c44890f"
            },
            {
              "name": "USN-2534-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2534-1"
            },
            {
              "name": "GLSA-201603-06",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201603-06"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2014-9604",
    "datePublished": "2015-01-16T20:00:00",
    "dateReserved": "2015-01-16T00:00:00",
    "dateUpdated": "2024-08-06T13:47:41.664Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2013-0852 (GCVE-0-2013-0852)

Vulnerability from cvelistv5

Published

2013-12-07 21:00

Modified

2024-08-06 14:41

Severity ?

CWE

Summary

The parse_picture_segment function in libavcodec/pgssubdec.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via crafted RLE data, which triggers an out-of-bounds array access.

References

►

URL

Tags

	http://www.mandriva.com/security/advisories?name=MDVSA-2014:227	vendor-advisory, x_refsource_MANDRIVA
	http://git.videolan.org/?p=ffmpeg.git%3Ba=commitdiff%3Bh=c0d68be555f5858703383040e04fcd6529777061	x_refsource_CONFIRM
	http://www.ffmpeg.org/security.html	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T14:41:47.600Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "MDVSA-2014:227",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:227"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.videolan.org/?p=ffmpeg.git%3Ba=commitdiff%3Bh=c0d68be555f5858703383040e04fcd6529777061"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ffmpeg.org/security.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2012-11-15T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The parse_picture_segment function in libavcodec/pgssubdec.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via crafted RLE data, which triggers an out-of-bounds array access."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2015-03-19T15:57:00",
        "orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
        "shortName": "Chrome"
      },
      "references": [
        {
          "name": "MDVSA-2014:227",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:227"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.videolan.org/?p=ffmpeg.git%3Ba=commitdiff%3Bh=c0d68be555f5858703383040e04fcd6529777061"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ffmpeg.org/security.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@google.com",
          "ID": "CVE-2013-0852",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The parse_picture_segment function in libavcodec/pgssubdec.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via crafted RLE data, which triggers an out-of-bounds array access."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "MDVSA-2014:227",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:227"
            },
            {
              "name": "http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=c0d68be555f5858703383040e04fcd6529777061",
              "refsource": "CONFIRM",
              "url": "http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=c0d68be555f5858703383040e04fcd6529777061"
            },
            {
              "name": "http://www.ffmpeg.org/security.html",
              "refsource": "CONFIRM",
              "url": "http://www.ffmpeg.org/security.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
    "assignerShortName": "Chrome",
    "cveId": "CVE-2013-0852",
    "datePublished": "2013-12-07T21:00:00",
    "dateReserved": "2013-01-07T00:00:00",
    "dateUpdated": "2024-08-06T14:41:47.600Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2011-3946 (GCVE-0-2011-3946)

Vulnerability from cvelistv5

Published

2013-12-09 11:00

Modified

2024-08-06 23:53

Severity ?

CWE

Summary

The ff_h264_decode_sei function in libavcodec/h264_sei.c in FFmpeg before 0.10 allows remote attackers to have an unspecified impact via crafted Supplemental enhancement information (SEI) data, which triggers an infinite loop.

References

►

URL

Tags

	http://www.ffmpeg.org/security.html	x_refsource_CONFIRM
	http://git.videolan.org/?p=ffmpeg.git%3Ba=commitdiff%3Bh=9decfc17bb76da34734296048d390b176abf404c	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T23:53:32.309Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ffmpeg.org/security.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.videolan.org/?p=ffmpeg.git%3Ba=commitdiff%3Bh=9decfc17bb76da34734296048d390b176abf404c"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2012-01-26T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The ff_h264_decode_sei function in libavcodec/h264_sei.c in FFmpeg before 0.10 allows remote attackers to have an unspecified impact via crafted Supplemental enhancement information (SEI) data, which triggers an infinite loop."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2013-12-09T04:57:00",
        "orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
        "shortName": "Chrome"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ffmpeg.org/security.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.videolan.org/?p=ffmpeg.git%3Ba=commitdiff%3Bh=9decfc17bb76da34734296048d390b176abf404c"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@google.com",
          "ID": "CVE-2011-3946",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The ff_h264_decode_sei function in libavcodec/h264_sei.c in FFmpeg before 0.10 allows remote attackers to have an unspecified impact via crafted Supplemental enhancement information (SEI) data, which triggers an infinite loop."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.ffmpeg.org/security.html",
              "refsource": "CONFIRM",
              "url": "http://www.ffmpeg.org/security.html"
            },
            {
              "name": "http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=9decfc17bb76da34734296048d390b176abf404c",
              "refsource": "CONFIRM",
              "url": "http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=9decfc17bb76da34734296048d390b176abf404c"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
    "assignerShortName": "Chrome",
    "cveId": "CVE-2011-3946",
    "datePublished": "2013-12-09T11:00:00",
    "dateReserved": "2011-10-01T00:00:00",
    "dateUpdated": "2024-08-06T23:53:32.309Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2012-6618 (GCVE-0-2012-6618)

Vulnerability from cvelistv5

Published

2013-12-24 20:00

Modified

2024-08-06 21:36

Severity ?

CWE

Summary

The av_probe_input_buffer function in libavformat/utils.c in FFmpeg before 1.0.2, when running with certain -probesize values, allows remote attackers to cause a denial of service (crash) via a crafted MP3 file, possibly related to frame size or lack of sufficient "frames to estimate rate."

References

►

URL

Tags

	http://article.gmane.org/gmane.comp.video.ffmpeg.user/42233	mailing-list, x_refsource_MLIST
	https://trac.ffmpeg.org/ticket/1991	x_refsource_CONFIRM
	http://www.ffmpeg.org/security.html	x_refsource_CONFIRM
	http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=e74cd2f4706f71da5e9205003c1d8263b54ed3fb	x_refsource_CONFIRM
	http://git.libav.org/?p=libav.git%3Ba=blob%3Bf=Changelog%3Bhb=refs/tags/v9.11	x_refsource_CONFIRM
	http://secunia.com/advisories/51964	third-party-advisory, x_refsource_SECUNIA

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T21:36:01.430Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "[ffmpeg-user] 20121204  Re: Unable to analyze/transcode mp3",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://article.gmane.org/gmane.comp.video.ffmpeg.user/42233"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://trac.ffmpeg.org/ticket/1991"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ffmpeg.org/security.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=e74cd2f4706f71da5e9205003c1d8263b54ed3fb"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.libav.org/?p=libav.git%3Ba=blob%3Bf=Changelog%3Bhb=refs/tags/v9.11"
          },
          {
            "name": "51964",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/51964"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2012-12-04T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The av_probe_input_buffer function in libavformat/utils.c in FFmpeg before 1.0.2, when running with certain -probesize values, allows remote attackers to cause a denial of service (crash) via a crafted MP3 file, possibly related to frame size or lack of sufficient \"frames to estimate rate.\""
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2014-02-14T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "[ffmpeg-user] 20121204  Re: Unable to analyze/transcode mp3",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://article.gmane.org/gmane.comp.video.ffmpeg.user/42233"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://trac.ffmpeg.org/ticket/1991"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ffmpeg.org/security.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=e74cd2f4706f71da5e9205003c1d8263b54ed3fb"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.libav.org/?p=libav.git%3Ba=blob%3Bf=Changelog%3Bhb=refs/tags/v9.11"
        },
        {
          "name": "51964",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/51964"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2012-6618",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The av_probe_input_buffer function in libavformat/utils.c in FFmpeg before 1.0.2, when running with certain -probesize values, allows remote attackers to cause a denial of service (crash) via a crafted MP3 file, possibly related to frame size or lack of sufficient \"frames to estimate rate.\""
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "[ffmpeg-user] 20121204  Re: Unable to analyze/transcode mp3",
              "refsource": "MLIST",
              "url": "http://article.gmane.org/gmane.comp.video.ffmpeg.user/42233"
            },
            {
              "name": "https://trac.ffmpeg.org/ticket/1991",
              "refsource": "CONFIRM",
              "url": "https://trac.ffmpeg.org/ticket/1991"
            },
            {
              "name": "http://www.ffmpeg.org/security.html",
              "refsource": "CONFIRM",
              "url": "http://www.ffmpeg.org/security.html"
            },
            {
              "name": "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=e74cd2f4706f71da5e9205003c1d8263b54ed3fb",
              "refsource": "CONFIRM",
              "url": "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=e74cd2f4706f71da5e9205003c1d8263b54ed3fb"
            },
            {
              "name": "http://git.libav.org/?p=libav.git;a=blob;f=Changelog;hb=refs/tags/v9.11",
              "refsource": "CONFIRM",
              "url": "http://git.libav.org/?p=libav.git;a=blob;f=Changelog;hb=refs/tags/v9.11"
            },
            {
              "name": "51964",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/51964"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2012-6618",
    "datePublished": "2013-12-24T20:00:00",
    "dateReserved": "2013-12-24T00:00:00",
    "dateUpdated": "2024-08-06T21:36:01.430Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2013-0868 (GCVE-0-2013-0868)

Vulnerability from cvelistv5

Published

2013-11-23 18:00

Modified

2024-08-06 14:41

Severity ?

CWE

Summary

libavcodec/huffyuvdec.c in FFmpeg before 1.1.2 allows remote attackers to have an unspecified impact via crafted Huffyuv data, related to an out-of-bounds write and (1) unchecked return codes from the init_vlc function and (2) "len==0 cases."

References

►

URL

Tags

	http://git.videolan.org/?p=ffmpeg.git%3Ba=commitdiff%3Bh=6baa54924980e1f0e8121e4715d16ed1adcd2a23	x_refsource_CONFIRM
	http://git.videolan.org/?p=ffmpeg.git%3Ba=commitdiff%3Bh=75e88db33013eaa7ab74457f5556df677b4ffb42	x_refsource_CONFIRM
	http://www.ffmpeg.org/security.html	x_refsource_CONFIRM
	https://security.gentoo.org/glsa/201603-06	vendor-advisory, x_refsource_GENTOO

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T14:41:47.599Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.videolan.org/?p=ffmpeg.git%3Ba=commitdiff%3Bh=6baa54924980e1f0e8121e4715d16ed1adcd2a23"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.videolan.org/?p=ffmpeg.git%3Ba=commitdiff%3Bh=75e88db33013eaa7ab74457f5556df677b4ffb42"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ffmpeg.org/security.html"
          },
          {
            "name": "GLSA-201603-06",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201603-06"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2013-01-29T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "libavcodec/huffyuvdec.c in FFmpeg before 1.1.2 allows remote attackers to have an unspecified impact via crafted Huffyuv data, related to an out-of-bounds write and (1) unchecked return codes from the init_vlc function and (2) \"len==0 cases.\""
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-12-01T15:57:02",
        "orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
        "shortName": "Chrome"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.videolan.org/?p=ffmpeg.git%3Ba=commitdiff%3Bh=6baa54924980e1f0e8121e4715d16ed1adcd2a23"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.videolan.org/?p=ffmpeg.git%3Ba=commitdiff%3Bh=75e88db33013eaa7ab74457f5556df677b4ffb42"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ffmpeg.org/security.html"
        },
        {
          "name": "GLSA-201603-06",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201603-06"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@google.com",
          "ID": "CVE-2013-0868",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "libavcodec/huffyuvdec.c in FFmpeg before 1.1.2 allows remote attackers to have an unspecified impact via crafted Huffyuv data, related to an out-of-bounds write and (1) unchecked return codes from the init_vlc function and (2) \"len==0 cases.\""
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=6baa54924980e1f0e8121e4715d16ed1adcd2a23",
              "refsource": "CONFIRM",
              "url": "http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=6baa54924980e1f0e8121e4715d16ed1adcd2a23"
            },
            {
              "name": "http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=75e88db33013eaa7ab74457f5556df677b4ffb42",
              "refsource": "CONFIRM",
              "url": "http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=75e88db33013eaa7ab74457f5556df677b4ffb42"
            },
            {
              "name": "http://www.ffmpeg.org/security.html",
              "refsource": "CONFIRM",
              "url": "http://www.ffmpeg.org/security.html"
            },
            {
              "name": "GLSA-201603-06",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201603-06"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
    "assignerShortName": "Chrome",
    "cveId": "CVE-2013-0868",
    "datePublished": "2013-11-23T18:00:00",
    "dateReserved": "2013-01-07T00:00:00",
    "dateUpdated": "2024-08-06T14:41:47.599Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2015-3395 (GCVE-0-2015-3395)

Vulnerability from cvelistv5

Published

2015-06-16 16:00

Modified

2024-08-06 05:47

Severity ?

CWE

Summary

The msrle_decode_pal4 function in msrledec.c in Libav before 10.7 and 11.x before 11.4 and FFmpeg before 2.0.7, 2.2.x before 2.2.15, 2.4.x before 2.4.8, 2.5.x before 2.5.6, and 2.6.x before 2.6.2 allows remote attackers to have unspecified impact via a crafted image, related to a pixel pointer, which triggers an out-of-bounds array access.

References

►

URL

Tags

	https://git.libav.org/?p=libav.git%3Ba=blob%3Bf=Changelog%3Bhb=refs/tags/v11.4	x_refsource_CONFIRM
	https://security.gentoo.org/glsa/201705-08	vendor-advisory, x_refsource_GENTOO
	http://www.ubuntu.com/usn/USN-2944-1	vendor-advisory, x_refsource_UBUNTU
	http://www.debian.org/security/2015/dsa-3288	vendor-advisory, x_refsource_DEBIAN
	http://git.videolan.org/?p=ffmpeg.git%3Ba=commitdiff%3Bh=f7e1367f58263593e6cee3c282f7277d7ee9d553	x_refsource_CONFIRM
	https://security.gentoo.org/glsa/201603-06	vendor-advisory, x_refsource_GENTOO
	http://www.securityfocus.com/bid/74433	vdb-entry, x_refsource_BID
	https://www.ffmpeg.org/security.html	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T05:47:57.389Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://git.libav.org/?p=libav.git%3Ba=blob%3Bf=Changelog%3Bhb=refs/tags/v11.4"
          },
          {
            "name": "GLSA-201705-08",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201705-08"
          },
          {
            "name": "USN-2944-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2944-1"
          },
          {
            "name": "DSA-3288",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2015/dsa-3288"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.videolan.org/?p=ffmpeg.git%3Ba=commitdiff%3Bh=f7e1367f58263593e6cee3c282f7277d7ee9d553"
          },
          {
            "name": "GLSA-201603-06",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201603-06"
          },
          {
            "name": "74433",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/74433"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.ffmpeg.org/security.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-03-24T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The msrle_decode_pal4 function in msrledec.c in Libav before 10.7 and 11.x before 11.4 and FFmpeg before 2.0.7, 2.2.x before 2.2.15, 2.4.x before 2.4.8, 2.5.x before 2.5.6, and 2.6.x before 2.6.2 allows remote attackers to have unspecified impact via a crafted image, related to a pixel pointer, which triggers an out-of-bounds array access."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-06-30T16:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://git.libav.org/?p=libav.git%3Ba=blob%3Bf=Changelog%3Bhb=refs/tags/v11.4"
        },
        {
          "name": "GLSA-201705-08",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201705-08"
        },
        {
          "name": "USN-2944-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2944-1"
        },
        {
          "name": "DSA-3288",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2015/dsa-3288"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.videolan.org/?p=ffmpeg.git%3Ba=commitdiff%3Bh=f7e1367f58263593e6cee3c282f7277d7ee9d553"
        },
        {
          "name": "GLSA-201603-06",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201603-06"
        },
        {
          "name": "74433",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/74433"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.ffmpeg.org/security.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2015-3395",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The msrle_decode_pal4 function in msrledec.c in Libav before 10.7 and 11.x before 11.4 and FFmpeg before 2.0.7, 2.2.x before 2.2.15, 2.4.x before 2.4.8, 2.5.x before 2.5.6, and 2.6.x before 2.6.2 allows remote attackers to have unspecified impact via a crafted image, related to a pixel pointer, which triggers an out-of-bounds array access."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://git.libav.org/?p=libav.git;a=blob;f=Changelog;hb=refs/tags/v11.4",
              "refsource": "CONFIRM",
              "url": "https://git.libav.org/?p=libav.git;a=blob;f=Changelog;hb=refs/tags/v11.4"
            },
            {
              "name": "GLSA-201705-08",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201705-08"
            },
            {
              "name": "USN-2944-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2944-1"
            },
            {
              "name": "DSA-3288",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2015/dsa-3288"
            },
            {
              "name": "http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=f7e1367f58263593e6cee3c282f7277d7ee9d553",
              "refsource": "CONFIRM",
              "url": "http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=f7e1367f58263593e6cee3c282f7277d7ee9d553"
            },
            {
              "name": "GLSA-201603-06",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201603-06"
            },
            {
              "name": "74433",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/74433"
            },
            {
              "name": "https://www.ffmpeg.org/security.html",
              "refsource": "CONFIRM",
              "url": "https://www.ffmpeg.org/security.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2015-3395",
    "datePublished": "2015-06-16T16:00:00",
    "dateReserved": "2015-04-21T00:00:00",
    "dateUpdated": "2024-08-06T05:47:57.389Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2015-5479 (GCVE-0-2015-5479)

Vulnerability from cvelistv5

Published

2016-04-19 14:00

Modified

2024-08-06 06:50

Severity ?

CWE

Summary

The ff_h263_decode_mba function in libavcodec/ituh263dec.c in Libav before 11.5 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a file with crafted dimensions.

References

►

URL

Tags

	http://lists.opensuse.org/opensuse-updates/2016-06/msg00105.html	vendor-advisory, x_refsource_SUSE
	https://libav.org/releases/libav-11.5.changelog	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-2944-1	vendor-advisory, x_refsource_UBUNTU
	https://blogs.gentoo.org/ago/2015/07/16/libav-divide-by-zero-in-ff_h263_decode_mba/	x_refsource_MISC
	http://www.securityfocus.com/bid/75932	vdb-entry, x_refsource_BID
	https://git.libav.org/?p=libav.git%3Ba=commitdiff%3Bh=0a49a62f998747cfa564d98d36a459fe70d3299b	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T06:50:02.435Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "openSUSE-SU-2016:1685",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2016-06/msg00105.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://libav.org/releases/libav-11.5.changelog"
          },
          {
            "name": "USN-2944-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2944-1"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://blogs.gentoo.org/ago/2015/07/16/libav-divide-by-zero-in-ff_h263_decode_mba/"
          },
          {
            "name": "75932",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/75932"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://git.libav.org/?p=libav.git%3Ba=commitdiff%3Bh=0a49a62f998747cfa564d98d36a459fe70d3299b"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-07-16T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The ff_h263_decode_mba function in libavcodec/ituh263dec.c in Libav before 11.5 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a file with crafted dimensions."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-11-25T19:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "openSUSE-SU-2016:1685",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2016-06/msg00105.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://libav.org/releases/libav-11.5.changelog"
        },
        {
          "name": "USN-2944-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2944-1"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://blogs.gentoo.org/ago/2015/07/16/libav-divide-by-zero-in-ff_h263_decode_mba/"
        },
        {
          "name": "75932",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/75932"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://git.libav.org/?p=libav.git%3Ba=commitdiff%3Bh=0a49a62f998747cfa564d98d36a459fe70d3299b"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2015-5479",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The ff_h263_decode_mba function in libavcodec/ituh263dec.c in Libav before 11.5 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a file with crafted dimensions."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "openSUSE-SU-2016:1685",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-updates/2016-06/msg00105.html"
            },
            {
              "name": "https://libav.org/releases/libav-11.5.changelog",
              "refsource": "CONFIRM",
              "url": "https://libav.org/releases/libav-11.5.changelog"
            },
            {
              "name": "USN-2944-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2944-1"
            },
            {
              "name": "https://blogs.gentoo.org/ago/2015/07/16/libav-divide-by-zero-in-ff_h263_decode_mba/",
              "refsource": "MISC",
              "url": "https://blogs.gentoo.org/ago/2015/07/16/libav-divide-by-zero-in-ff_h263_decode_mba/"
            },
            {
              "name": "75932",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/75932"
            },
            {
              "name": "https://git.libav.org/?p=libav.git;a=commitdiff;h=0a49a62f998747cfa564d98d36a459fe70d3299b",
              "refsource": "CONFIRM",
              "url": "https://git.libav.org/?p=libav.git;a=commitdiff;h=0a49a62f998747cfa564d98d36a459fe70d3299b"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2015-5479",
    "datePublished": "2016-04-19T14:00:00",
    "dateReserved": "2015-07-10T00:00:00",
    "dateUpdated": "2024-08-06T06:50:02.435Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2013-0851 (GCVE-0-2013-0851)

Vulnerability from cvelistv5

Published

2013-12-07 21:00

Modified

2024-08-06 14:41

Severity ?

CWE

Summary

The decode_frame function in libavcodec/eamad.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via crafted Electronic Arts Madcow video data, which triggers an out-of-bounds array access.

References

►

URL

Tags

	http://www.ffmpeg.org/security.html	x_refsource_CONFIRM
	http://git.videolan.org/?p=ffmpeg.git%3Ba=commitdiff%3Bh=63ac64864c6e0e84355aa3caa5b92208997a9a8d	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T14:41:47.601Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ffmpeg.org/security.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.videolan.org/?p=ffmpeg.git%3Ba=commitdiff%3Bh=63ac64864c6e0e84355aa3caa5b92208997a9a8d"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2012-11-17T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The decode_frame function in libavcodec/eamad.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via crafted Electronic Arts Madcow video data, which triggers an out-of-bounds array access."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2013-12-07T20:57:00",
        "orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
        "shortName": "Chrome"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ffmpeg.org/security.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.videolan.org/?p=ffmpeg.git%3Ba=commitdiff%3Bh=63ac64864c6e0e84355aa3caa5b92208997a9a8d"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@google.com",
          "ID": "CVE-2013-0851",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The decode_frame function in libavcodec/eamad.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via crafted Electronic Arts Madcow video data, which triggers an out-of-bounds array access."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.ffmpeg.org/security.html",
              "refsource": "CONFIRM",
              "url": "http://www.ffmpeg.org/security.html"
            },
            {
              "name": "http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=63ac64864c6e0e84355aa3caa5b92208997a9a8d",
              "refsource": "CONFIRM",
              "url": "http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=63ac64864c6e0e84355aa3caa5b92208997a9a8d"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
    "assignerShortName": "Chrome",
    "cveId": "CVE-2013-0851",
    "datePublished": "2013-12-07T21:00:00",
    "dateReserved": "2013-01-07T00:00:00",
    "dateUpdated": "2024-08-06T14:41:47.601Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2015-3417 (GCVE-0-2015-3417)

Vulnerability from cvelistv5

Published

2015-04-24 17:00

Modified

2024-08-06 05:47

Severity ?

CWE

Summary

Use-after-free vulnerability in the ff_h264_free_tables function in libavcodec/h264.c in FFmpeg before 2.3.6 allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted H.264 data in an MP4 file, as demonstrated by an HTML VIDEO element that references H.264 data.

References

►

URL

Tags

	https://git.libav.org/?p=libav.git%3Ba=blob%3Bf=Changelog%3Bhb=refs/tags/v11.4	x_refsource_CONFIRM
	https://security.gentoo.org/glsa/201705-08	vendor-advisory, x_refsource_GENTOO
	http://www.securitytracker.com/id/1032198	vdb-entry, x_refsource_SECTRACK
	http://www.debian.org/security/2015/dsa-3288	vendor-advisory, x_refsource_DEBIAN
	http://www.securityfocus.com/bid/74385	vdb-entry, x_refsource_BID
	https://github.com/FFmpeg/FFmpeg/commit/e8714f6f93d1a32f4e4655209960afcf4c185214	x_refsource_CONFIRM
	http://seclists.org/fulldisclosure/2015/Apr/31	mailing-list, x_refsource_FULLDISC

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T05:47:57.813Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://git.libav.org/?p=libav.git%3Ba=blob%3Bf=Changelog%3Bhb=refs/tags/v11.4"
          },
          {
            "name": "GLSA-201705-08",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201705-08"
          },
          {
            "name": "1032198",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1032198"
          },
          {
            "name": "DSA-3288",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2015/dsa-3288"
          },
          {
            "name": "74385",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/74385"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/FFmpeg/FFmpeg/commit/e8714f6f93d1a32f4e4655209960afcf4c185214"
          },
          {
            "name": "20150414 several issues in SQLite (+ catching up on several other bugs)",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2015/Apr/31"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-04-14T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Use-after-free vulnerability in the ff_h264_free_tables function in libavcodec/h264.c in FFmpeg before 2.3.6 allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted H.264 data in an MP4 file, as demonstrated by an HTML VIDEO element that references H.264 data."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-06-30T16:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://git.libav.org/?p=libav.git%3Ba=blob%3Bf=Changelog%3Bhb=refs/tags/v11.4"
        },
        {
          "name": "GLSA-201705-08",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201705-08"
        },
        {
          "name": "1032198",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1032198"
        },
        {
          "name": "DSA-3288",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2015/dsa-3288"
        },
        {
          "name": "74385",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/74385"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/FFmpeg/FFmpeg/commit/e8714f6f93d1a32f4e4655209960afcf4c185214"
        },
        {
          "name": "20150414 several issues in SQLite (+ catching up on several other bugs)",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://seclists.org/fulldisclosure/2015/Apr/31"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2015-3417",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Use-after-free vulnerability in the ff_h264_free_tables function in libavcodec/h264.c in FFmpeg before 2.3.6 allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted H.264 data in an MP4 file, as demonstrated by an HTML VIDEO element that references H.264 data."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://git.libav.org/?p=libav.git;a=blob;f=Changelog;hb=refs/tags/v11.4",
              "refsource": "CONFIRM",
              "url": "https://git.libav.org/?p=libav.git;a=blob;f=Changelog;hb=refs/tags/v11.4"
            },
            {
              "name": "GLSA-201705-08",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201705-08"
            },
            {
              "name": "1032198",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1032198"
            },
            {
              "name": "DSA-3288",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2015/dsa-3288"
            },
            {
              "name": "74385",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/74385"
            },
            {
              "name": "https://github.com/FFmpeg/FFmpeg/commit/e8714f6f93d1a32f4e4655209960afcf4c185214",
              "refsource": "CONFIRM",
              "url": "https://github.com/FFmpeg/FFmpeg/commit/e8714f6f93d1a32f4e4655209960afcf4c185214"
            },
            {
              "name": "20150414 several issues in SQLite (+ catching up on several other bugs)",
              "refsource": "FULLDISC",
              "url": "http://seclists.org/fulldisclosure/2015/Apr/31"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2015-3417",
    "datePublished": "2015-04-24T17:00:00",
    "dateReserved": "2015-04-24T00:00:00",
    "dateUpdated": "2024-08-06T05:47:57.813Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2014-8544 (GCVE-0-2014-8544)

Vulnerability from cvelistv5

Published

2014-11-05 11:00

Modified

2024-08-06 13:18

Severity ?

CWE

Summary

libavcodec/tiff.c in FFmpeg before 2.4.2 does not properly validate bits-per-pixel fields, which allows remote attackers to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via crafted TIFF data.

References

►

URL

Tags

	http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=e1c0cfaa419aa5d320540d5a1b3f8fd9b82ab7e5	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-2534-1	vendor-advisory, x_refsource_UBUNTU
	http://www.ffmpeg.org/security.html	x_refsource_CONFIRM
	https://security.gentoo.org/glsa/201603-06	vendor-advisory, x_refsource_GENTOO

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T13:18:48.642Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=e1c0cfaa419aa5d320540d5a1b3f8fd9b82ab7e5"
          },
          {
            "name": "USN-2534-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2534-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ffmpeg.org/security.html"
          },
          {
            "name": "GLSA-201603-06",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201603-06"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-10-09T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "libavcodec/tiff.c in FFmpeg before 2.4.2 does not properly validate bits-per-pixel fields, which allows remote attackers to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via crafted TIFF data."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-12-01T15:57:02",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=e1c0cfaa419aa5d320540d5a1b3f8fd9b82ab7e5"
        },
        {
          "name": "USN-2534-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2534-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ffmpeg.org/security.html"
        },
        {
          "name": "GLSA-201603-06",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201603-06"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-8544",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "libavcodec/tiff.c in FFmpeg before 2.4.2 does not properly validate bits-per-pixel fields, which allows remote attackers to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via crafted TIFF data."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=e1c0cfaa419aa5d320540d5a1b3f8fd9b82ab7e5",
              "refsource": "CONFIRM",
              "url": "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=e1c0cfaa419aa5d320540d5a1b3f8fd9b82ab7e5"
            },
            {
              "name": "USN-2534-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2534-1"
            },
            {
              "name": "http://www.ffmpeg.org/security.html",
              "refsource": "CONFIRM",
              "url": "http://www.ffmpeg.org/security.html"
            },
            {
              "name": "GLSA-201603-06",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201603-06"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2014-8544",
    "datePublished": "2014-11-05T11:00:00",
    "dateReserved": "2014-10-30T00:00:00",
    "dateUpdated": "2024-08-06T13:18:48.642Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

opensuse-su-2024:10926-1

Vulnerability from csaf_opensuse

CVE-2016-3062 (GCVE-0-2016-3062)

Vulnerability from cvelistv5

CVE-2013-7010 (GCVE-0-2013-7010)

Vulnerability from cvelistv5

CVE-2014-9604 (GCVE-0-2014-9604)

Vulnerability from cvelistv5

CVE-2013-0852 (GCVE-0-2013-0852)

Vulnerability from cvelistv5

CVE-2011-3946 (GCVE-0-2011-3946)

Vulnerability from cvelistv5

CVE-2012-6618 (GCVE-0-2012-6618)

Vulnerability from cvelistv5

CVE-2013-0868 (GCVE-0-2013-0868)

Vulnerability from cvelistv5

CVE-2015-3395 (GCVE-0-2015-3395)

Vulnerability from cvelistv5

CVE-2015-5479 (GCVE-0-2015-5479)

Vulnerability from cvelistv5

CVE-2013-0851 (GCVE-0-2013-0851)

Vulnerability from cvelistv5

CVE-2015-3417 (GCVE-0-2015-3417)

Vulnerability from cvelistv5

CVE-2014-8544 (GCVE-0-2014-8544)

Vulnerability from cvelistv5

Tags

Sightings

Nomenclature