ID CVE-2016-2326
Summary Integer overflow in the asf_write_packet function in libavformat/asfenc.c in FFmpeg before 2.8.5 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted PTS (aka presentation timestamp) value in a .mov file.
References
Vulnerable Configurations
  • Debian Linux 8.0 (Jessie)
    cpe:2.3:o:debian:debian_linux:8.0
  • Debian Linux 7.0
    cpe:2.3:o:debian:debian_linux:7.0
  • Canonical Ubuntu Linux 12.04 LTS
    cpe:2.3:o:canonical:ubuntu_linux:12.04:-:-:-:lts
  • FFmpeg 2.8.4
    cpe:2.3:a:ffmpeg:ffmpeg:2.8.4
CVSS
Base: 6.8 (as of 06-12-2016 - 14:44)
Impact:
Exploitability:
CWE CWE-190
CAPEC
  • Forced Integer Overflow
    This attack forces an integer variable to go out of range. The integer variable is often used as an offset such as size of memory allocation or similarly. The attacker would typically control the value of such variable and try to get it out of range. For instance the integer in question is incremented past the maximum possible value, it may wrap to become a very small, or negative number, therefore providing a very incorrect value which can lead to unexpected behavior. At worst the attacker can execute arbitrary code.
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
nessus via4
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-201705-08.NASL
    description The remote host is affected by the vulnerability described in GLSA-201705-08 (libav: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in libav. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could entice a user to open a specially crafted media file in an application linked against libav, possibly resulting in execution of arbitrary code with the privileges of the application, a Denial of Service condition or access the content of arbitrary local files. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2017-05-10
    plugin id 100085
    published 2017-05-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=100085
    title GLSA-201705-08 : libav: Multiple vulnerabilities
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-201606-09.NASL
    description The remote host is affected by the vulnerability described in GLSA-201606-09 (FFmpeg: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in FFmpeg. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could possibly execute arbitrary code or cause a Denial of Service condition. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2016-10-10
    plugin id 91703
    published 2016-06-20
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=91703
    title GLSA-201606-09 : FFmpeg: Multiple vulnerabilities
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-2944-1.NASL
    description It was discovered that Libav incorrectly handled certain malformed media files. If a user were tricked into opening a crafted media file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-01
    plugin id 90349
    published 2016-04-05
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=90349
    title Ubuntu 12.04 LTS : libav vulnerabilities (USN-2944-1)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-3506.NASL
    description Several security issues have been corrected in multiple demuxers and decoders of the libav multimedia library.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 89696
    published 2016-03-07
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=89696
    title Debian DSA-3506-1 : libav - security update
refmap via4
bid 84165
confirm http://git.videolan.org/?p=ffmpeg.git;a=commit;h=7c0b84d89911b2035161f5ef51aafbfcc84aa9e2
debian DSA-3506
gentoo
  • GLSA-201606-09
  • GLSA-201705-08
sectrack 1035010
ubuntu USN-2944-1
Last major update 06-12-2016 - 14:46
Published 12-02-2016 - 00:59
Last modified 30-06-2017 - 21:29
Back to Top