All the vulnerabilites related to unspecified - ffmpeg
cve-2022-3964
Vulnerability from cvelistv5
Published
2022-11-13 00:00
Modified
2024-08-03 01:27
Severity ?
EPSS score ?
Summary
A vulnerability classified as problematic has been found in ffmpeg. This affects an unknown part of the file libavcodec/rpzaenc.c of the component QuickTime RPZA Video Encoder. The manipulation of the argument y_size leads to out-of-bounds read. It is possible to initiate the attack remotely. The name of the patch is 92f9b28ed84a77138105475beba16c146bdaf984. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-213543.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | unspecified | ffmpeg |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T01:27:53.103Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/92f9b28ed84a77138105475beba16c146bdaf984"
},
{
"tags": [
"x_transferred"
],
"url": "https://vuldb.com/?id.213543"
},
{
"name": "GLSA-202312-14",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202312-14"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ffmpeg",
"vendor": "unspecified",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as problematic has been found in ffmpeg. This affects an unknown part of the file libavcodec/rpzaenc.c of the component QuickTime RPZA Video Encoder. The manipulation of the argument y_size leads to out-of-bounds read. It is possible to initiate the attack remotely. The name of the patch is 92f9b28ed84a77138105475beba16c146bdaf984. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-213543."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119 Memory Corruption -\u003e CWE-125 Out-of-Bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-23T12:06:18.621160",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"url": "https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/92f9b28ed84a77138105475beba16c146bdaf984"
},
{
"url": "https://vuldb.com/?id.213543"
},
{
"name": "GLSA-202312-14",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202312-14"
}
],
"title": "ffmpeg QuickTime RPZA Video Encoder rpzaenc.c out-of-bounds",
"x_generator": "vuldb.com"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2022-3964",
"datePublished": "2022-11-13T00:00:00",
"dateReserved": "2022-11-13T00:00:00",
"dateUpdated": "2024-08-03T01:27:53.103Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2014-125013
Vulnerability from cvelistv5
Published
2022-06-18 06:16
Modified
2024-08-06 14:10
Severity ?
EPSS score ?
Summary
A vulnerability was found in FFmpeg 2.0 and classified as problematic. This issue affects the function msrle_decode_frame of the file libavcodec/msrle.c. The manipulation leads to memory corruption. The attack may be initiated remotely. It is recommended to apply a patch to fix this issue.
References
| ▼ | URL | Tags |
|---|---|---|
| http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=c919e1ca2ecfc47d796382973ba0e48b8f6f92a2 | x_refsource_MISC | |
| https://vuldb.com/?id.12389 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | unspecified | FFmpeg |
Version: 2.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T14:10:56.562Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=c919e1ca2ecfc47d796382973ba0e48b8f6f92a2"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://vuldb.com/?id.12389"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "FFmpeg",
"vendor": "unspecified",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Mateusz Jurczyk/Gynvael Coldwind"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in FFmpeg 2.0 and classified as problematic. This issue affects the function msrle_decode_frame of the file libavcodec/msrle.c. The manipulation leads to memory corruption. The attack may be initiated remotely. It is recommended to apply a patch to fix this issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119 Memory Corruption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-18T06:16:02",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=c919e1ca2ecfc47d796382973ba0e48b8f6f92a2"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://vuldb.com/?id.12389"
}
],
"title": "FFmpeg msrle.c msrle_decode_frame memory corruption",
"x_generator": "vuldb.com",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cna@vuldb.com",
"ID": "CVE-2014-125013",
"REQUESTER": "cna@vuldb.com",
"STATE": "PUBLIC",
"TITLE": "FFmpeg msrle.c msrle_decode_frame memory corruption"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "FFmpeg",
"version": {
"version_data": [
{
"version_value": "2.0"
}
]
}
}
]
},
"vendor_name": ""
}
]
}
},
"credit": "Mateusz Jurczyk/Gynvael Coldwind",
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability was found in FFmpeg 2.0 and classified as problematic. This issue affects the function msrle_decode_frame of the file libavcodec/msrle.c. The manipulation leads to memory corruption. The attack may be initiated remotely. It is recommended to apply a patch to fix this issue."
}
]
},
"generator": "vuldb.com",
"impact": {
"cvss": {
"baseScore": "5.3",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-119 Memory Corruption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=c919e1ca2ecfc47d796382973ba0e48b8f6f92a2",
"refsource": "MISC",
"url": "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=c919e1ca2ecfc47d796382973ba0e48b8f6f92a2"
},
{
"name": "https://vuldb.com/?id.12389",
"refsource": "MISC",
"url": "https://vuldb.com/?id.12389"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2014-125013",
"datePublished": "2022-06-18T06:16:02",
"dateReserved": "2022-06-17T00:00:00",
"dateUpdated": "2024-08-06T14:10:56.562Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2014-125018
Vulnerability from cvelistv5
Published
2022-06-19 06:10
Modified
2024-08-06 14:10
Severity ?
EPSS score ?
Summary
A vulnerability, which was classified as problematic, has been found in FFmpeg 2.0. Affected by this issue is the function decode_slice_header. The manipulation leads to memory corruption. The attack may be launched remotely. It is recommended to apply a patch to fix this issue.
References
| ▼ | URL | Tags |
|---|---|---|
| http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=8a3b85f3a7 | x_refsource_MISC | |
| https://vuldb.com/?id.12296 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | unspecified | FFmpeg |
Version: 2.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T14:10:56.861Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=8a3b85f3a7"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://vuldb.com/?id.12296"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "FFmpeg",
"vendor": "unspecified",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as problematic, has been found in FFmpeg 2.0. Affected by this issue is the function decode_slice_header. The manipulation leads to memory corruption. The attack may be launched remotely. It is recommended to apply a patch to fix this issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119 Memory Corruption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-19T06:10:24",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=8a3b85f3a7"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://vuldb.com/?id.12296"
}
],
"title": "FFmpeg decode_slice_header memory corruption",
"x_generator": "vuldb.com",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cna@vuldb.com",
"ID": "CVE-2014-125018",
"REQUESTER": "cna@vuldb.com",
"STATE": "PUBLIC",
"TITLE": "FFmpeg decode_slice_header memory corruption"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "FFmpeg",
"version": {
"version_data": [
{
"version_value": "2.0"
}
]
}
}
]
},
"vendor_name": ""
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability, which was classified as problematic, has been found in FFmpeg 2.0. Affected by this issue is the function decode_slice_header. The manipulation leads to memory corruption. The attack may be launched remotely. It is recommended to apply a patch to fix this issue."
}
]
},
"generator": "vuldb.com",
"impact": {
"cvss": {
"baseScore": "5.3",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-119 Memory Corruption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=8a3b85f3a7",
"refsource": "MISC",
"url": "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=8a3b85f3a7"
},
{
"name": "https://vuldb.com/?id.12296",
"refsource": "MISC",
"url": "https://vuldb.com/?id.12296"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2014-125018",
"datePublished": "2022-06-19T06:10:24",
"dateReserved": "2022-06-18T00:00:00",
"dateUpdated": "2024-08-06T14:10:56.861Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2014-125002
Vulnerability from cvelistv5
Published
2022-06-18 06:15
Modified
2024-08-06 14:10
Severity ?
EPSS score ?
Summary
A vulnerability was found in FFmpeg 2.0. It has been classified as problematic. Affected is the function dnxhd_init_rc of the file libavcodec/dnxhdenc.c. The manipulation leads to memory corruption. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue.
References
| ▼ | URL | Tags |
|---|---|---|
| http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=f1caaa1c61310beba705957e6366f0392a0b005b | x_refsource_MISC | |
| https://vuldb.com/?id.12588 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | unspecified | FFmpeg |
Version: 2.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T14:10:56.509Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=f1caaa1c61310beba705957e6366f0392a0b005b"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://vuldb.com/?id.12588"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "FFmpeg",
"vendor": "unspecified",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Mateusz Jurczyk/Gynvael Coldwind"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in FFmpeg 2.0. It has been classified as problematic. Affected is the function dnxhd_init_rc of the file libavcodec/dnxhdenc.c. The manipulation leads to memory corruption. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119 Memory Corruption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-18T06:15:44",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=f1caaa1c61310beba705957e6366f0392a0b005b"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://vuldb.com/?id.12588"
}
],
"title": "FFmpeg dnxhdenc.c dnxhd_init_rc memory corruption",
"x_generator": "vuldb.com",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cna@vuldb.com",
"ID": "CVE-2014-125002",
"REQUESTER": "cna@vuldb.com",
"STATE": "PUBLIC",
"TITLE": "FFmpeg dnxhdenc.c dnxhd_init_rc memory corruption"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "FFmpeg",
"version": {
"version_data": [
{
"version_value": "2.0"
}
]
}
}
]
},
"vendor_name": ""
}
]
}
},
"credit": "Mateusz Jurczyk/Gynvael Coldwind",
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability was found in FFmpeg 2.0. It has been classified as problematic. Affected is the function dnxhd_init_rc of the file libavcodec/dnxhdenc.c. The manipulation leads to memory corruption. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue."
}
]
},
"generator": "vuldb.com",
"impact": {
"cvss": {
"baseScore": "5.3",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-119 Memory Corruption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=f1caaa1c61310beba705957e6366f0392a0b005b",
"refsource": "MISC",
"url": "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=f1caaa1c61310beba705957e6366f0392a0b005b"
},
{
"name": "https://vuldb.com/?id.12588",
"refsource": "MISC",
"url": "https://vuldb.com/?id.12588"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2014-125002",
"datePublished": "2022-06-18T06:15:44",
"dateReserved": "2022-06-17T00:00:00",
"dateUpdated": "2024-08-06T14:10:56.509Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2014-125008
Vulnerability from cvelistv5
Published
2022-06-18 06:15
Modified
2024-08-06 14:10
Severity ?
EPSS score ?
Summary
A vulnerability classified as problematic has been found in FFmpeg 2.0. Affected is the function vorbis_header of the file libavformat/oggparsevorbis.c. The manipulation leads to memory corruption. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue.
References
| ▼ | URL | Tags |
|---|---|---|
| http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=f5d1d1e4667ba346ea7e0f97e6d2756bc9d4abde | x_refsource_MISC | |
| https://vuldb.com/?id.12582 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | unspecified | FFmpeg |
Version: 2.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T14:10:56.579Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=f5d1d1e4667ba346ea7e0f97e6d2756bc9d4abde"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://vuldb.com/?id.12582"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "FFmpeg",
"vendor": "unspecified",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Mateusz Jurczyk/Gynvael Coldwind"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as problematic has been found in FFmpeg 2.0. Affected is the function vorbis_header of the file libavformat/oggparsevorbis.c. The manipulation leads to memory corruption. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119 Memory Corruption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-18T06:15:54",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=f5d1d1e4667ba346ea7e0f97e6d2756bc9d4abde"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://vuldb.com/?id.12582"
}
],
"title": "FFmpeg oggparsevorbis.c vorbis_header memory corruption",
"x_generator": "vuldb.com",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cna@vuldb.com",
"ID": "CVE-2014-125008",
"REQUESTER": "cna@vuldb.com",
"STATE": "PUBLIC",
"TITLE": "FFmpeg oggparsevorbis.c vorbis_header memory corruption"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "FFmpeg",
"version": {
"version_data": [
{
"version_value": "2.0"
}
]
}
}
]
},
"vendor_name": ""
}
]
}
},
"credit": "Mateusz Jurczyk/Gynvael Coldwind",
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability classified as problematic has been found in FFmpeg 2.0. Affected is the function vorbis_header of the file libavformat/oggparsevorbis.c. The manipulation leads to memory corruption. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue."
}
]
},
"generator": "vuldb.com",
"impact": {
"cvss": {
"baseScore": "5.3",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-119 Memory Corruption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=f5d1d1e4667ba346ea7e0f97e6d2756bc9d4abde",
"refsource": "MISC",
"url": "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=f5d1d1e4667ba346ea7e0f97e6d2756bc9d4abde"
},
{
"name": "https://vuldb.com/?id.12582",
"refsource": "MISC",
"url": "https://vuldb.com/?id.12582"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2014-125008",
"datePublished": "2022-06-18T06:15:54",
"dateReserved": "2022-06-17T00:00:00",
"dateUpdated": "2024-08-06T14:10:56.579Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2014-125010
Vulnerability from cvelistv5
Published
2022-06-18 06:15
Modified
2024-08-06 14:10
Severity ?
EPSS score ?
Summary
A vulnerability was found in FFmpeg 2.0. It has been rated as critical. Affected by this issue is the function decode_slice_header of the file libavcodec/h64.c. The manipulation leads to memory corruption. The attack may be launched remotely. It is recommended to apply a patch to fix this issue.
References
| ▼ | URL | Tags |
|---|---|---|
| http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=91253839e14cce9793ee93f184cef609ca8195d5 | x_refsource_MISC | |
| https://vuldb.com/?id.12392 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | unspecified | FFmpeg |
Version: 2.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T14:10:56.655Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=91253839e14cce9793ee93f184cef609ca8195d5"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://vuldb.com/?id.12392"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "FFmpeg",
"vendor": "unspecified",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Mateusz Jurczyk/Gynvael Coldwind"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in FFmpeg 2.0. It has been rated as critical. Affected by this issue is the function decode_slice_header of the file libavcodec/h64.c. The manipulation leads to memory corruption. The attack may be launched remotely. It is recommended to apply a patch to fix this issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119 Memory Corruption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-18T06:15:57",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=91253839e14cce9793ee93f184cef609ca8195d5"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://vuldb.com/?id.12392"
}
],
"title": "FFmpeg h64.c decode_slice_header memory corruption",
"x_generator": "vuldb.com",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cna@vuldb.com",
"ID": "CVE-2014-125010",
"REQUESTER": "cna@vuldb.com",
"STATE": "PUBLIC",
"TITLE": "FFmpeg h64.c decode_slice_header memory corruption"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "FFmpeg",
"version": {
"version_data": [
{
"version_value": "2.0"
}
]
}
}
]
},
"vendor_name": ""
}
]
}
},
"credit": "Mateusz Jurczyk/Gynvael Coldwind",
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability was found in FFmpeg 2.0. It has been rated as critical. Affected by this issue is the function decode_slice_header of the file libavcodec/h64.c. The manipulation leads to memory corruption. The attack may be launched remotely. It is recommended to apply a patch to fix this issue."
}
]
},
"generator": "vuldb.com",
"impact": {
"cvss": {
"baseScore": "5.3",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-119 Memory Corruption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=91253839e14cce9793ee93f184cef609ca8195d5",
"refsource": "MISC",
"url": "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=91253839e14cce9793ee93f184cef609ca8195d5"
},
{
"name": "https://vuldb.com/?id.12392",
"refsource": "MISC",
"url": "https://vuldb.com/?id.12392"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2014-125010",
"datePublished": "2022-06-18T06:15:57",
"dateReserved": "2022-06-17T00:00:00",
"dateUpdated": "2024-08-06T14:10:56.655Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2014-125024
Vulnerability from cvelistv5
Published
2022-06-19 06:10
Modified
2024-08-06 14:10
Severity ?
EPSS score ?
Summary
A vulnerability was found in FFmpeg 2.0. It has been rated as critical. Affected by this issue is the function lag_decode_frame. The manipulation leads to memory corruption. The attack may be launched remotely. It is recommended to apply a patch to fix this issue.
References
| ▼ | URL | Tags |
|---|---|---|
| http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=4c3e1956ee | x_refsource_MISC | |
| https://vuldb.com/?id.12302 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | unspecified | FFmpeg |
Version: 2.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T14:10:56.394Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=4c3e1956ee"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://vuldb.com/?id.12302"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "FFmpeg",
"vendor": "unspecified",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in FFmpeg 2.0. It has been rated as critical. Affected by this issue is the function lag_decode_frame. The manipulation leads to memory corruption. The attack may be launched remotely. It is recommended to apply a patch to fix this issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119 Memory Corruption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-19T06:10:33",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=4c3e1956ee"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://vuldb.com/?id.12302"
}
],
"title": "FFmpeg lag_decode_frame memory corruption",
"x_generator": "vuldb.com",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cna@vuldb.com",
"ID": "CVE-2014-125024",
"REQUESTER": "cna@vuldb.com",
"STATE": "PUBLIC",
"TITLE": "FFmpeg lag_decode_frame memory corruption"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "FFmpeg",
"version": {
"version_data": [
{
"version_value": "2.0"
}
]
}
}
]
},
"vendor_name": ""
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability was found in FFmpeg 2.0. It has been rated as critical. Affected by this issue is the function lag_decode_frame. The manipulation leads to memory corruption. The attack may be launched remotely. It is recommended to apply a patch to fix this issue."
}
]
},
"generator": "vuldb.com",
"impact": {
"cvss": {
"baseScore": "7.3",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-119 Memory Corruption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=4c3e1956ee",
"refsource": "MISC",
"url": "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=4c3e1956ee"
},
{
"name": "https://vuldb.com/?id.12302",
"refsource": "MISC",
"url": "https://vuldb.com/?id.12302"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2014-125024",
"datePublished": "2022-06-19T06:10:33",
"dateReserved": "2022-06-18T00:00:00",
"dateUpdated": "2024-08-06T14:10:56.394Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2014-125023
Vulnerability from cvelistv5
Published
2022-06-19 06:10
Modified
2024-08-06 14:10
Severity ?
EPSS score ?
Summary
A vulnerability was found in FFmpeg 2.0. It has been declared as problematic. Affected by this vulnerability is the function truemotion1_decode_header of the component Truemotion1 Handler. The manipulation leads to memory corruption. The attack can be launched remotely. It is recommended to apply a patch to fix this issue.
References
| ▼ | URL | Tags |
|---|---|---|
| http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=2240e2078d | x_refsource_MISC | |
| https://vuldb.com/?id.12301 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | unspecified | FFmpeg |
Version: 2.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T14:10:56.347Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=2240e2078d"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://vuldb.com/?id.12301"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "FFmpeg",
"vendor": "unspecified",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in FFmpeg 2.0. It has been declared as problematic. Affected by this vulnerability is the function truemotion1_decode_header of the component Truemotion1 Handler. The manipulation leads to memory corruption. The attack can be launched remotely. It is recommended to apply a patch to fix this issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119 Memory Corruption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-19T06:10:32",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=2240e2078d"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://vuldb.com/?id.12301"
}
],
"title": "FFmpeg Truemotion1 truemotion1_decode_header memory corruption",
"x_generator": "vuldb.com",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cna@vuldb.com",
"ID": "CVE-2014-125023",
"REQUESTER": "cna@vuldb.com",
"STATE": "PUBLIC",
"TITLE": "FFmpeg Truemotion1 truemotion1_decode_header memory corruption"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "FFmpeg",
"version": {
"version_data": [
{
"version_value": "2.0"
}
]
}
}
]
},
"vendor_name": ""
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability was found in FFmpeg 2.0. It has been declared as problematic. Affected by this vulnerability is the function truemotion1_decode_header of the component Truemotion1 Handler. The manipulation leads to memory corruption. The attack can be launched remotely. It is recommended to apply a patch to fix this issue."
}
]
},
"generator": "vuldb.com",
"impact": {
"cvss": {
"baseScore": "5.3",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-119 Memory Corruption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=2240e2078d",
"refsource": "MISC",
"url": "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=2240e2078d"
},
{
"name": "https://vuldb.com/?id.12301",
"refsource": "MISC",
"url": "https://vuldb.com/?id.12301"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2014-125023",
"datePublished": "2022-06-19T06:10:32",
"dateReserved": "2022-06-18T00:00:00",
"dateUpdated": "2024-08-06T14:10:56.347Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2014-125014
Vulnerability from cvelistv5
Published
2022-06-18 06:16
Modified
2024-08-06 14:10
Severity ?
EPSS score ?
Summary
A vulnerability classified as problematic was found in FFmpeg 2.0. Affected by this vulnerability is an unknown functionality of the component HEVC Video Decoder. The manipulation leads to memory corruption. The attack can be launched remotely. It is recommended to apply a patch to fix this issue.
References
| ▼ | URL | Tags |
|---|---|---|
| http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=d1e6602665 | x_refsource_MISC | |
| https://vuldb.com/?id.12367 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | unspecified | FFmpeg |
Version: 2.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T14:10:56.584Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=d1e6602665"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://vuldb.com/?id.12367"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "FFmpeg",
"vendor": "unspecified",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Mateusz Jurczyk/Gynvael Coldwind"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as problematic was found in FFmpeg 2.0. Affected by this vulnerability is an unknown functionality of the component HEVC Video Decoder. The manipulation leads to memory corruption. The attack can be launched remotely. It is recommended to apply a patch to fix this issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119 Memory Corruption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-18T06:16:04",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=d1e6602665"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://vuldb.com/?id.12367"
}
],
"title": "FFmpeg HEVC Video Decoder memory corruption",
"x_generator": "vuldb.com",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cna@vuldb.com",
"ID": "CVE-2014-125014",
"REQUESTER": "cna@vuldb.com",
"STATE": "PUBLIC",
"TITLE": "FFmpeg HEVC Video Decoder memory corruption"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "FFmpeg",
"version": {
"version_data": [
{
"version_value": "2.0"
}
]
}
}
]
},
"vendor_name": ""
}
]
}
},
"credit": "Mateusz Jurczyk/Gynvael Coldwind",
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability classified as problematic was found in FFmpeg 2.0. Affected by this vulnerability is an unknown functionality of the component HEVC Video Decoder. The manipulation leads to memory corruption. The attack can be launched remotely. It is recommended to apply a patch to fix this issue."
}
]
},
"generator": "vuldb.com",
"impact": {
"cvss": {
"baseScore": "5.3",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-119 Memory Corruption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=d1e6602665",
"refsource": "MISC",
"url": "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=d1e6602665"
},
{
"name": "https://vuldb.com/?id.12367",
"refsource": "MISC",
"url": "https://vuldb.com/?id.12367"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2014-125014",
"datePublished": "2022-06-18T06:16:04",
"dateReserved": "2022-06-17T00:00:00",
"dateUpdated": "2024-08-06T14:10:56.584Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2014-125012
Vulnerability from cvelistv5
Published
2022-06-18 06:16
Modified
2024-08-06 14:10
Severity ?
EPSS score ?
Summary
A vulnerability was found in FFmpeg 2.0. It has been classified as problematic. Affected is an unknown function of the file libavcodec/dxtroy.c. The manipulation leads to integer coercion error. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue.
References
| ▼ | URL | Tags |
|---|---|---|
| http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=a392bf657015c9a79a5a13adfbfb15086c1943b9 | x_refsource_MISC | |
| https://vuldb.com/?id.12390 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | unspecified | FFmpeg |
Version: 2.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T14:10:56.298Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=a392bf657015c9a79a5a13adfbfb15086c1943b9"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://vuldb.com/?id.12390"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "FFmpeg",
"vendor": "unspecified",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Mateusz Jurczyk/Gynvael Coldwind"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in FFmpeg 2.0. It has been classified as problematic. Affected is an unknown function of the file libavcodec/dxtroy.c. The manipulation leads to integer coercion error. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-192",
"description": "CWE-192 Integer Coercion Error",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-18T06:16:00",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=a392bf657015c9a79a5a13adfbfb15086c1943b9"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://vuldb.com/?id.12390"
}
],
"title": "FFmpeg dxtroy.c integer coercion",
"x_generator": "vuldb.com",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cna@vuldb.com",
"ID": "CVE-2014-125012",
"REQUESTER": "cna@vuldb.com",
"STATE": "PUBLIC",
"TITLE": "FFmpeg dxtroy.c integer coercion"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "FFmpeg",
"version": {
"version_data": [
{
"version_value": "2.0"
}
]
}
}
]
},
"vendor_name": ""
}
]
}
},
"credit": "Mateusz Jurczyk/Gynvael Coldwind",
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability was found in FFmpeg 2.0. It has been classified as problematic. Affected is an unknown function of the file libavcodec/dxtroy.c. The manipulation leads to integer coercion error. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue."
}
]
},
"generator": "vuldb.com",
"impact": {
"cvss": {
"baseScore": "5.3",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-192 Integer Coercion Error"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=a392bf657015c9a79a5a13adfbfb15086c1943b9",
"refsource": "MISC",
"url": "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=a392bf657015c9a79a5a13adfbfb15086c1943b9"
},
{
"name": "https://vuldb.com/?id.12390",
"refsource": "MISC",
"url": "https://vuldb.com/?id.12390"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2014-125012",
"datePublished": "2022-06-18T06:16:00",
"dateReserved": "2022-06-17T00:00:00",
"dateUpdated": "2024-08-06T14:10:56.298Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2014-125019
Vulnerability from cvelistv5
Published
2022-06-19 06:10
Modified
2024-08-06 14:10
Severity ?
EPSS score ?
Summary
A vulnerability, which was classified as problematic, was found in FFmpeg 2.0. This affects the function decode_nal_unit of the component Slice Segment Handler. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. It is recommended to apply a patch to fix this issue.
References
| ▼ | URL | Tags |
|---|---|---|
| http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=b25e84b739 | x_refsource_MISC | |
| https://vuldb.com/?id.12297 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | unspecified | FFmpeg |
Version: 2.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T14:10:56.449Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=b25e84b739"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://vuldb.com/?id.12297"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "FFmpeg",
"vendor": "unspecified",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as problematic, was found in FFmpeg 2.0. This affects the function decode_nal_unit of the component Slice Segment Handler. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. It is recommended to apply a patch to fix this issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119 Memory Corruption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-19T06:10:26",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=b25e84b739"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://vuldb.com/?id.12297"
}
],
"title": "FFmpeg Slice Segment decode_nal_unit memory corruption",
"x_generator": "vuldb.com",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cna@vuldb.com",
"ID": "CVE-2014-125019",
"REQUESTER": "cna@vuldb.com",
"STATE": "PUBLIC",
"TITLE": "FFmpeg Slice Segment decode_nal_unit memory corruption"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "FFmpeg",
"version": {
"version_data": [
{
"version_value": "2.0"
}
]
}
}
]
},
"vendor_name": ""
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability, which was classified as problematic, was found in FFmpeg 2.0. This affects the function decode_nal_unit of the component Slice Segment Handler. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. It is recommended to apply a patch to fix this issue."
}
]
},
"generator": "vuldb.com",
"impact": {
"cvss": {
"baseScore": "5.3",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-119 Memory Corruption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=b25e84b739",
"refsource": "MISC",
"url": "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=b25e84b739"
},
{
"name": "https://vuldb.com/?id.12297",
"refsource": "MISC",
"url": "https://vuldb.com/?id.12297"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2014-125019",
"datePublished": "2022-06-19T06:10:26",
"dateReserved": "2022-06-18T00:00:00",
"dateUpdated": "2024-08-06T14:10:56.449Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2014-125004
Vulnerability from cvelistv5
Published
2022-06-18 06:15
Modified
2024-08-06 14:10
Severity ?
EPSS score ?
Summary
A vulnerability has been found in FFmpeg 2.0 and classified as problematic. This vulnerability affects the function decode_hextile of the file libavcodec/vmnc.c. The manipulation leads to memory corruption. The attack can be initiated remotely. It is recommended to apply a patch to fix this issue.
References
| ▼ | URL | Tags |
|---|---|---|
| http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=6ba02602aa7fc7d38db582e75b8b093fb3c1608d | x_refsource_MISC | |
| https://vuldb.com/?id.12586 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | unspecified | FFmpeg |
Version: 2.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T14:10:56.553Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=6ba02602aa7fc7d38db582e75b8b093fb3c1608d"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://vuldb.com/?id.12586"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "FFmpeg",
"vendor": "unspecified",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Mateusz Jurczyk/Gynvael Coldwind"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been found in FFmpeg 2.0 and classified as problematic. This vulnerability affects the function decode_hextile of the file libavcodec/vmnc.c. The manipulation leads to memory corruption. The attack can be initiated remotely. It is recommended to apply a patch to fix this issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119 Memory Corruption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-18T06:15:48",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=6ba02602aa7fc7d38db582e75b8b093fb3c1608d"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://vuldb.com/?id.12586"
}
],
"title": "FFmpeg vmnc.c decode_hextile memory corruption",
"x_generator": "vuldb.com",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cna@vuldb.com",
"ID": "CVE-2014-125004",
"REQUESTER": "cna@vuldb.com",
"STATE": "PUBLIC",
"TITLE": "FFmpeg vmnc.c decode_hextile memory corruption"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "FFmpeg",
"version": {
"version_data": [
{
"version_value": "2.0"
}
]
}
}
]
},
"vendor_name": ""
}
]
}
},
"credit": "Mateusz Jurczyk/Gynvael Coldwind",
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been found in FFmpeg 2.0 and classified as problematic. This vulnerability affects the function decode_hextile of the file libavcodec/vmnc.c. The manipulation leads to memory corruption. The attack can be initiated remotely. It is recommended to apply a patch to fix this issue."
}
]
},
"generator": "vuldb.com",
"impact": {
"cvss": {
"baseScore": "5.3",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-119 Memory Corruption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=6ba02602aa7fc7d38db582e75b8b093fb3c1608d",
"refsource": "MISC",
"url": "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=6ba02602aa7fc7d38db582e75b8b093fb3c1608d"
},
{
"name": "https://vuldb.com/?id.12586",
"refsource": "MISC",
"url": "https://vuldb.com/?id.12586"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2014-125004",
"datePublished": "2022-06-18T06:15:48",
"dateReserved": "2022-06-17T00:00:00",
"dateUpdated": "2024-08-06T14:10:56.553Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2014-125022
Vulnerability from cvelistv5
Published
2022-06-19 06:10
Modified
2024-08-06 14:10
Severity ?
EPSS score ?
Summary
A vulnerability was found in FFmpeg 2.0. It has been classified as problematic. Affected is the function shorten_decode_frame of the component Bitstream Buffer. The manipulation leads to memory corruption. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue.
References
| ▼ | URL | Tags |
|---|---|---|
| http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=1713eec29a | x_refsource_MISC | |
| https://vuldb.com/?id.12300 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | unspecified | FFmpeg |
Version: 2.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T14:10:56.438Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=1713eec29a"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://vuldb.com/?id.12300"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "FFmpeg",
"vendor": "unspecified",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in FFmpeg 2.0. It has been classified as problematic. Affected is the function shorten_decode_frame of the component Bitstream Buffer. The manipulation leads to memory corruption. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119 Memory Corruption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-19T06:10:30",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=1713eec29a"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://vuldb.com/?id.12300"
}
],
"title": "FFmpeg Bitstream Buffer shorten_decode_frame memory corruption",
"x_generator": "vuldb.com",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cna@vuldb.com",
"ID": "CVE-2014-125022",
"REQUESTER": "cna@vuldb.com",
"STATE": "PUBLIC",
"TITLE": "FFmpeg Bitstream Buffer shorten_decode_frame memory corruption"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "FFmpeg",
"version": {
"version_data": [
{
"version_value": "2.0"
}
]
}
}
]
},
"vendor_name": ""
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability was found in FFmpeg 2.0. It has been classified as problematic. Affected is the function shorten_decode_frame of the component Bitstream Buffer. The manipulation leads to memory corruption. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue."
}
]
},
"generator": "vuldb.com",
"impact": {
"cvss": {
"baseScore": "5.3",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-119 Memory Corruption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=1713eec29a",
"refsource": "MISC",
"url": "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=1713eec29a"
},
{
"name": "https://vuldb.com/?id.12300",
"refsource": "MISC",
"url": "https://vuldb.com/?id.12300"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2014-125022",
"datePublished": "2022-06-19T06:10:30",
"dateReserved": "2022-06-18T00:00:00",
"dateUpdated": "2024-08-06T14:10:56.438Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2014-125005
Vulnerability from cvelistv5
Published
2022-06-18 06:15
Modified
2024-08-06 14:10
Severity ?
EPSS score ?
Summary
A vulnerability, which was classified as problematic, was found in FFmpeg 2.0. This affects the function decode_vol_header of the file libavcodec/mpeg4videodec.c. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. It is recommended to apply a patch to fix this issue.
References
| ▼ | URL | Tags |
|---|---|---|
| http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=3edc3b159503d512c919b3d5902f7026e961823a | x_refsource_MISC | |
| https://vuldb.com/?id.12585 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | unspecified | FFmpeg |
Version: 2.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T14:10:56.491Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=3edc3b159503d512c919b3d5902f7026e961823a"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://vuldb.com/?id.12585"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "FFmpeg",
"vendor": "unspecified",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Mateusz Jurczyk/Gynvael Coldwind"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as problematic, was found in FFmpeg 2.0. This affects the function decode_vol_header of the file libavcodec/mpeg4videodec.c. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. It is recommended to apply a patch to fix this issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119 Memory Corruption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-18T06:15:49",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=3edc3b159503d512c919b3d5902f7026e961823a"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://vuldb.com/?id.12585"
}
],
"title": "FFmpeg mpeg4videodec.c decode_vol_header memory corruption",
"x_generator": "vuldb.com",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cna@vuldb.com",
"ID": "CVE-2014-125005",
"REQUESTER": "cna@vuldb.com",
"STATE": "PUBLIC",
"TITLE": "FFmpeg mpeg4videodec.c decode_vol_header memory corruption"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "FFmpeg",
"version": {
"version_data": [
{
"version_value": "2.0"
}
]
}
}
]
},
"vendor_name": ""
}
]
}
},
"credit": "Mateusz Jurczyk/Gynvael Coldwind",
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability, which was classified as problematic, was found in FFmpeg 2.0. This affects the function decode_vol_header of the file libavcodec/mpeg4videodec.c. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. It is recommended to apply a patch to fix this issue."
}
]
},
"generator": "vuldb.com",
"impact": {
"cvss": {
"baseScore": "5.3",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-119 Memory Corruption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=3edc3b159503d512c919b3d5902f7026e961823a",
"refsource": "MISC",
"url": "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=3edc3b159503d512c919b3d5902f7026e961823a"
},
{
"name": "https://vuldb.com/?id.12585",
"refsource": "MISC",
"url": "https://vuldb.com/?id.12585"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2014-125005",
"datePublished": "2022-06-18T06:15:49",
"dateReserved": "2022-06-17T00:00:00",
"dateUpdated": "2024-08-06T14:10:56.491Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2014-125003
Vulnerability from cvelistv5
Published
2022-06-18 06:15
Modified
2024-08-06 14:10
Severity ?
EPSS score ?
Summary
A vulnerability was found in FFmpeg 2.0 and classified as problematic. This issue affects the function get_siz of the file libavcodec/jpeg2000dec.c. The manipulation leads to memory corruption. The attack may be initiated remotely. It is recommended to apply a patch to fix this issue.
References
| ▼ | URL | Tags |
|---|---|---|
| http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=8001e9f7d17e90b4b0898ba64e3b8bbd716c513c | x_refsource_MISC | |
| https://vuldb.com/?id.12587 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | unspecified | FFmpeg |
Version: 2.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T14:10:56.500Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=8001e9f7d17e90b4b0898ba64e3b8bbd716c513c"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://vuldb.com/?id.12587"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "FFmpeg",
"vendor": "unspecified",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Mateusz Jurczyk/Gynvael Coldwind"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in FFmpeg 2.0 and classified as problematic. This issue affects the function get_siz of the file libavcodec/jpeg2000dec.c. The manipulation leads to memory corruption. The attack may be initiated remotely. It is recommended to apply a patch to fix this issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119 Memory Corruption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-18T06:15:46",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=8001e9f7d17e90b4b0898ba64e3b8bbd716c513c"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://vuldb.com/?id.12587"
}
],
"title": "FFmpeg jpeg2000dec.c get_siz memory corruption",
"x_generator": "vuldb.com",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cna@vuldb.com",
"ID": "CVE-2014-125003",
"REQUESTER": "cna@vuldb.com",
"STATE": "PUBLIC",
"TITLE": "FFmpeg jpeg2000dec.c get_siz memory corruption"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "FFmpeg",
"version": {
"version_data": [
{
"version_value": "2.0"
}
]
}
}
]
},
"vendor_name": ""
}
]
}
},
"credit": "Mateusz Jurczyk/Gynvael Coldwind",
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability was found in FFmpeg 2.0 and classified as problematic. This issue affects the function get_siz of the file libavcodec/jpeg2000dec.c. The manipulation leads to memory corruption. The attack may be initiated remotely. It is recommended to apply a patch to fix this issue."
}
]
},
"generator": "vuldb.com",
"impact": {
"cvss": {
"baseScore": "5.3",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-119 Memory Corruption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=8001e9f7d17e90b4b0898ba64e3b8bbd716c513c",
"refsource": "MISC",
"url": "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=8001e9f7d17e90b4b0898ba64e3b8bbd716c513c"
},
{
"name": "https://vuldb.com/?id.12587",
"refsource": "MISC",
"url": "https://vuldb.com/?id.12587"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2014-125003",
"datePublished": "2022-06-18T06:15:46",
"dateReserved": "2022-06-17T00:00:00",
"dateUpdated": "2024-08-06T14:10:56.500Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2014-125017
Vulnerability from cvelistv5
Published
2022-06-18 06:16
Modified
2024-08-06 14:10
Severity ?
EPSS score ?
Summary
A vulnerability classified as critical was found in FFmpeg 2.0. This vulnerability affects the function rpza_decode_stream. The manipulation leads to memory corruption. The attack can be initiated remotely. The name of the patch is Fixes Invalid Writes. It is recommended to apply a patch to fix this issue.
References
| ▼ | URL | Tags |
|---|---|---|
| http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=77bb0004bbe18f1498cfecdc68db5f10808b6599 | x_refsource_MISC | |
| https://vuldb.com/?id.12340 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | unspecified | FFmpeg |
Version: 2.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T14:10:56.533Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=77bb0004bbe18f1498cfecdc68db5f10808b6599"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://vuldb.com/?id.12340"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "FFmpeg",
"vendor": "unspecified",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Mateusz Jurczyk/Gynvael Coldwind"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical was found in FFmpeg 2.0. This vulnerability affects the function rpza_decode_stream. The manipulation leads to memory corruption. The attack can be initiated remotely. The name of the patch is Fixes Invalid Writes. It is recommended to apply a patch to fix this issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119 Memory Corruption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-18T06:16:08",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=77bb0004bbe18f1498cfecdc68db5f10808b6599"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://vuldb.com/?id.12340"
}
],
"title": "FFmpeg rpza_decode_stream memory corruption",
"x_generator": "vuldb.com",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cna@vuldb.com",
"ID": "CVE-2014-125017",
"REQUESTER": "cna@vuldb.com",
"STATE": "PUBLIC",
"TITLE": "FFmpeg rpza_decode_stream memory corruption"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "FFmpeg",
"version": {
"version_data": [
{
"version_value": "2.0"
}
]
}
}
]
},
"vendor_name": ""
}
]
}
},
"credit": "Mateusz Jurczyk/Gynvael Coldwind",
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability classified as critical was found in FFmpeg 2.0. This vulnerability affects the function rpza_decode_stream. The manipulation leads to memory corruption. The attack can be initiated remotely. The name of the patch is Fixes Invalid Writes. It is recommended to apply a patch to fix this issue."
}
]
},
"generator": "vuldb.com",
"impact": {
"cvss": {
"baseScore": "7.3",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-119 Memory Corruption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=77bb0004bbe18f1498cfecdc68db5f10808b6599",
"refsource": "MISC",
"url": "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=77bb0004bbe18f1498cfecdc68db5f10808b6599"
},
{
"name": "https://vuldb.com/?id.12340",
"refsource": "MISC",
"url": "https://vuldb.com/?id.12340"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2014-125017",
"datePublished": "2022-06-18T06:16:08",
"dateReserved": "2022-06-17T00:00:00",
"dateUpdated": "2024-08-06T14:10:56.533Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2014-125009
Vulnerability from cvelistv5
Published
2022-06-18 06:15
Modified
2024-08-06 14:10
Severity ?
EPSS score ?
Summary
A vulnerability classified as problematic has been found in FFmpeg 2.0. This affects the function add_yblock of the file libavcodec/snow.h. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. It is recommended to apply a patch to fix this issue.
References
| ▼ | URL | Tags |
|---|---|---|
| http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=61d59703c91869f4e5cdacd8d6be52f8b89d4ba4 | x_refsource_MISC | |
| https://vuldb.com/?id.12393 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | unspecified | FFmpeg |
Version: 2.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T14:10:56.468Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=61d59703c91869f4e5cdacd8d6be52f8b89d4ba4"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://vuldb.com/?id.12393"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "FFmpeg",
"vendor": "unspecified",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Mateusz Jurczyk/Gynvael Coldwind"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as problematic has been found in FFmpeg 2.0. This affects the function add_yblock of the file libavcodec/snow.h. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. It is recommended to apply a patch to fix this issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119 Memory Corruption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-18T06:15:55",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=61d59703c91869f4e5cdacd8d6be52f8b89d4ba4"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://vuldb.com/?id.12393"
}
],
"title": "FFmpeg snow.h add_yblock memory corruption",
"x_generator": "vuldb.com",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cna@vuldb.com",
"ID": "CVE-2014-125009",
"REQUESTER": "cna@vuldb.com",
"STATE": "PUBLIC",
"TITLE": "FFmpeg snow.h add_yblock memory corruption"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "FFmpeg",
"version": {
"version_data": [
{
"version_value": "2.0"
}
]
}
}
]
},
"vendor_name": ""
}
]
}
},
"credit": "Mateusz Jurczyk/Gynvael Coldwind",
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability classified as problematic has been found in FFmpeg 2.0. This affects the function add_yblock of the file libavcodec/snow.h. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. It is recommended to apply a patch to fix this issue."
}
]
},
"generator": "vuldb.com",
"impact": {
"cvss": {
"baseScore": "5.3",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-119 Memory Corruption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=61d59703c91869f4e5cdacd8d6be52f8b89d4ba4",
"refsource": "MISC",
"url": "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=61d59703c91869f4e5cdacd8d6be52f8b89d4ba4"
},
{
"name": "https://vuldb.com/?id.12393",
"refsource": "MISC",
"url": "https://vuldb.com/?id.12393"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2014-125009",
"datePublished": "2022-06-18T06:15:55",
"dateReserved": "2022-06-17T00:00:00",
"dateUpdated": "2024-08-06T14:10:56.468Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2014-125021
Vulnerability from cvelistv5
Published
2022-06-19 06:10
Modified
2024-08-06 14:10
Severity ?
EPSS score ?
Summary
A vulnerability was found in FFmpeg 2.0 and classified as problematic. This issue affects the function cmv_process_header. The manipulation leads to memory corruption. The attack may be initiated remotely. It is recommended to apply a patch to fix this issue.
References
| ▼ | URL | Tags |
|---|---|---|
| http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=5430839144 | x_refsource_MISC | |
| https://vuldb.com/?id.12299 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | unspecified | FFmpeg |
Version: 2.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T14:10:56.389Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=5430839144"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://vuldb.com/?id.12299"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "FFmpeg",
"vendor": "unspecified",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in FFmpeg 2.0 and classified as problematic. This issue affects the function cmv_process_header. The manipulation leads to memory corruption. The attack may be initiated remotely. It is recommended to apply a patch to fix this issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119 Memory Corruption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-19T06:10:29",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=5430839144"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://vuldb.com/?id.12299"
}
],
"title": "FFmpeg cmv_process_header memory corruption",
"x_generator": "vuldb.com",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cna@vuldb.com",
"ID": "CVE-2014-125021",
"REQUESTER": "cna@vuldb.com",
"STATE": "PUBLIC",
"TITLE": "FFmpeg cmv_process_header memory corruption"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "FFmpeg",
"version": {
"version_data": [
{
"version_value": "2.0"
}
]
}
}
]
},
"vendor_name": ""
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability was found in FFmpeg 2.0 and classified as problematic. This issue affects the function cmv_process_header. The manipulation leads to memory corruption. The attack may be initiated remotely. It is recommended to apply a patch to fix this issue."
}
]
},
"generator": "vuldb.com",
"impact": {
"cvss": {
"baseScore": "5.3",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-119 Memory Corruption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=5430839144",
"refsource": "MISC",
"url": "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=5430839144"
},
{
"name": "https://vuldb.com/?id.12299",
"refsource": "MISC",
"url": "https://vuldb.com/?id.12299"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2014-125021",
"datePublished": "2022-06-19T06:10:29",
"dateReserved": "2022-06-18T00:00:00",
"dateUpdated": "2024-08-06T14:10:56.389Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2014-125006
Vulnerability from cvelistv5
Published
2022-06-18 06:15
Modified
2024-08-06 14:10
Severity ?
EPSS score ?
Summary
A vulnerability, which was classified as problematic, has been found in FFmpeg 2.0. Affected by this issue is the function output_frame of the file libavcodec/h264.c. The manipulation leads to memory corruption. The attack may be launched remotely. It is recommended to apply a patch to fix this issue.
References
| ▼ | URL | Tags |
|---|---|---|
| http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=8c55ff393340998faae887dfac19e7ef128e1e58 | x_refsource_MISC | |
| https://vuldb.com/?id.12584 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | unspecified | FFmpeg |
Version: 2.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T14:10:56.347Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=8c55ff393340998faae887dfac19e7ef128e1e58"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://vuldb.com/?id.12584"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "FFmpeg",
"vendor": "unspecified",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Mateusz Jurczyk/Gynvael Coldwind"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as problematic, has been found in FFmpeg 2.0. Affected by this issue is the function output_frame of the file libavcodec/h264.c. The manipulation leads to memory corruption. The attack may be launched remotely. It is recommended to apply a patch to fix this issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119 Memory Corruption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-18T06:15:51",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=8c55ff393340998faae887dfac19e7ef128e1e58"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://vuldb.com/?id.12584"
}
],
"title": "FFmpeg h264.c output_frame memory corruption",
"x_generator": "vuldb.com",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cna@vuldb.com",
"ID": "CVE-2014-125006",
"REQUESTER": "cna@vuldb.com",
"STATE": "PUBLIC",
"TITLE": "FFmpeg h264.c output_frame memory corruption"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "FFmpeg",
"version": {
"version_data": [
{
"version_value": "2.0"
}
]
}
}
]
},
"vendor_name": ""
}
]
}
},
"credit": "Mateusz Jurczyk/Gynvael Coldwind",
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability, which was classified as problematic, has been found in FFmpeg 2.0. Affected by this issue is the function output_frame of the file libavcodec/h264.c. The manipulation leads to memory corruption. The attack may be launched remotely. It is recommended to apply a patch to fix this issue."
}
]
},
"generator": "vuldb.com",
"impact": {
"cvss": {
"baseScore": "5.3",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-119 Memory Corruption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=8c55ff393340998faae887dfac19e7ef128e1e58",
"refsource": "MISC",
"url": "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=8c55ff393340998faae887dfac19e7ef128e1e58"
},
{
"name": "https://vuldb.com/?id.12584",
"refsource": "MISC",
"url": "https://vuldb.com/?id.12584"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2014-125006",
"datePublished": "2022-06-18T06:15:51",
"dateReserved": "2022-06-17T00:00:00",
"dateUpdated": "2024-08-06T14:10:56.347Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2014-125020
Vulnerability from cvelistv5
Published
2022-06-19 06:10
Modified
2024-08-06 14:10
Severity ?
EPSS score ?
Summary
A vulnerability has been found in FFmpeg 2.0 and classified as critical. This vulnerability affects the function decode_update_thread_context. The manipulation leads to memory corruption. The attack can be initiated remotely. It is recommended to apply a patch to fix this issue.
References
| ▼ | URL | Tags |
|---|---|---|
| http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=1f097d168d | x_refsource_MISC | |
| https://vuldb.com/?id.12298 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | unspecified | FFmpeg |
Version: 2.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T14:10:56.569Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=1f097d168d"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://vuldb.com/?id.12298"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "FFmpeg",
"vendor": "unspecified",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been found in FFmpeg 2.0 and classified as critical. This vulnerability affects the function decode_update_thread_context. The manipulation leads to memory corruption. The attack can be initiated remotely. It is recommended to apply a patch to fix this issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119 Memory Corruption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-19T06:10:27",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=1f097d168d"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://vuldb.com/?id.12298"
}
],
"title": "FFmpeg decode_update_thread_context memory corruption",
"x_generator": "vuldb.com",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cna@vuldb.com",
"ID": "CVE-2014-125020",
"REQUESTER": "cna@vuldb.com",
"STATE": "PUBLIC",
"TITLE": "FFmpeg decode_update_thread_context memory corruption"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "FFmpeg",
"version": {
"version_data": [
{
"version_value": "2.0"
}
]
}
}
]
},
"vendor_name": ""
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been found in FFmpeg 2.0 and classified as critical. This vulnerability affects the function decode_update_thread_context. The manipulation leads to memory corruption. The attack can be initiated remotely. It is recommended to apply a patch to fix this issue."
}
]
},
"generator": "vuldb.com",
"impact": {
"cvss": {
"baseScore": "7.3",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-119 Memory Corruption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=1f097d168d",
"refsource": "MISC",
"url": "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=1f097d168d"
},
{
"name": "https://vuldb.com/?id.12298",
"refsource": "MISC",
"url": "https://vuldb.com/?id.12298"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2014-125020",
"datePublished": "2022-06-19T06:10:27",
"dateReserved": "2022-06-18T00:00:00",
"dateUpdated": "2024-08-06T14:10:56.569Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2014-125007
Vulnerability from cvelistv5
Published
2022-06-18 06:15
Modified
2024-08-06 14:10
Severity ?
EPSS score ?
Summary
A vulnerability classified as problematic was found in FFmpeg 2.0. Affected by this vulnerability is the function intra_pred of the file libavcodec/hevcpred_template.c. The manipulation leads to memory corruption. The attack can be launched remotely. It is recommended to apply a patch to fix this issue.
References
| ▼ | URL | Tags |
|---|---|---|
| http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=dfefc9097e9b4bb20442e65454a40043bd189b3d | x_refsource_MISC | |
| https://vuldb.com/?id.12583 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | unspecified | FFmpeg |
Version: 2.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T14:10:56.387Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=dfefc9097e9b4bb20442e65454a40043bd189b3d"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://vuldb.com/?id.12583"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "FFmpeg",
"vendor": "unspecified",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Mateusz Jurczyk/Gynvael Coldwind"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as problematic was found in FFmpeg 2.0. Affected by this vulnerability is the function intra_pred of the file libavcodec/hevcpred_template.c. The manipulation leads to memory corruption. The attack can be launched remotely. It is recommended to apply a patch to fix this issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119 Memory Corruption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-18T06:15:52",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=dfefc9097e9b4bb20442e65454a40043bd189b3d"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://vuldb.com/?id.12583"
}
],
"title": "FFmpeg hevcpred_template.c intra_pred memory corruption",
"x_generator": "vuldb.com",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cna@vuldb.com",
"ID": "CVE-2014-125007",
"REQUESTER": "cna@vuldb.com",
"STATE": "PUBLIC",
"TITLE": "FFmpeg hevcpred_template.c intra_pred memory corruption"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "FFmpeg",
"version": {
"version_data": [
{
"version_value": "2.0"
}
]
}
}
]
},
"vendor_name": ""
}
]
}
},
"credit": "Mateusz Jurczyk/Gynvael Coldwind",
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability classified as problematic was found in FFmpeg 2.0. Affected by this vulnerability is the function intra_pred of the file libavcodec/hevcpred_template.c. The manipulation leads to memory corruption. The attack can be launched remotely. It is recommended to apply a patch to fix this issue."
}
]
},
"generator": "vuldb.com",
"impact": {
"cvss": {
"baseScore": "5.3",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-119 Memory Corruption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=dfefc9097e9b4bb20442e65454a40043bd189b3d",
"refsource": "MISC",
"url": "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=dfefc9097e9b4bb20442e65454a40043bd189b3d"
},
{
"name": "https://vuldb.com/?id.12583",
"refsource": "MISC",
"url": "https://vuldb.com/?id.12583"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2014-125007",
"datePublished": "2022-06-18T06:15:52",
"dateReserved": "2022-06-17T00:00:00",
"dateUpdated": "2024-08-06T14:10:56.387Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2014-125025
Vulnerability from cvelistv5
Published
2022-06-19 06:10
Modified
2024-08-06 14:10
Severity ?
EPSS score ?
Summary
A vulnerability classified as problematic has been found in FFmpeg 2.0. This affects the function decode_pulses. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. It is recommended to apply a patch to fix this issue.
References
| ▼ | URL | Tags |
|---|---|---|
| http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=6e42ccb9db | x_refsource_MISC | |
| https://vuldb.com/?id.12303 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | unspecified | FFmpeg |
Version: 2.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T14:10:56.568Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=6e42ccb9db"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://vuldb.com/?id.12303"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "FFmpeg",
"vendor": "unspecified",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Gynvael Coldwind/Mateusz Jurczyk"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as problematic has been found in FFmpeg 2.0. This affects the function decode_pulses. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. It is recommended to apply a patch to fix this issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119 Memory Corruption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-19T06:10:35",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=6e42ccb9db"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://vuldb.com/?id.12303"
}
],
"title": "FFmpeg decode_pulses memory corruption",
"x_generator": "vuldb.com",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cna@vuldb.com",
"ID": "CVE-2014-125025",
"REQUESTER": "cna@vuldb.com",
"STATE": "PUBLIC",
"TITLE": "FFmpeg decode_pulses memory corruption"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "FFmpeg",
"version": {
"version_data": [
{
"version_value": "2.0"
}
]
}
}
]
},
"vendor_name": ""
}
]
}
},
"credit": "Gynvael Coldwind/Mateusz Jurczyk",
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability classified as problematic has been found in FFmpeg 2.0. This affects the function decode_pulses. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. It is recommended to apply a patch to fix this issue."
}
]
},
"generator": "vuldb.com",
"impact": {
"cvss": {
"baseScore": "5.3",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-119 Memory Corruption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=6e42ccb9db",
"refsource": "MISC",
"url": "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=6e42ccb9db"
},
{
"name": "https://vuldb.com/?id.12303",
"refsource": "MISC",
"url": "https://vuldb.com/?id.12303"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2014-125025",
"datePublished": "2022-06-19T06:10:35",
"dateReserved": "2022-06-18T00:00:00",
"dateUpdated": "2024-08-06T14:10:56.568Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2014-125015
Vulnerability from cvelistv5
Published
2022-06-18 06:16
Modified
2024-08-06 14:10
Severity ?
EPSS score ?
Summary
A vulnerability classified as critical has been found in FFmpeg 2.0. Affected is the function read_var_block_data. The manipulation leads to memory corruption. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue.
References
| ▼ | URL | Tags |
|---|---|---|
| http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=18f94df8af | x_refsource_MISC | |
| https://vuldb.com/?id.12366 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | unspecified | FFmpeg |
Version: 2.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T14:10:56.558Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=18f94df8af"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://vuldb.com/?id.12366"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "FFmpeg",
"vendor": "unspecified",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Mateusz Jurczyk/Gynvael Coldwind"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical has been found in FFmpeg 2.0. Affected is the function read_var_block_data. The manipulation leads to memory corruption. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119 Memory Corruption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-18T06:16:05",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=18f94df8af"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://vuldb.com/?id.12366"
}
],
"title": "FFmpeg read_var_block_data memory corruption",
"x_generator": "vuldb.com",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cna@vuldb.com",
"ID": "CVE-2014-125015",
"REQUESTER": "cna@vuldb.com",
"STATE": "PUBLIC",
"TITLE": "FFmpeg read_var_block_data memory corruption"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "FFmpeg",
"version": {
"version_data": [
{
"version_value": "2.0"
}
]
}
}
]
},
"vendor_name": ""
}
]
}
},
"credit": "Mateusz Jurczyk/Gynvael Coldwind",
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability classified as critical has been found in FFmpeg 2.0. Affected is the function read_var_block_data. The manipulation leads to memory corruption. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue."
}
]
},
"generator": "vuldb.com",
"impact": {
"cvss": {
"baseScore": "7.3",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-119 Memory Corruption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=18f94df8af",
"refsource": "MISC",
"url": "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=18f94df8af"
},
{
"name": "https://vuldb.com/?id.12366",
"refsource": "MISC",
"url": "https://vuldb.com/?id.12366"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2014-125015",
"datePublished": "2022-06-18T06:16:05",
"dateReserved": "2022-06-17T00:00:00",
"dateUpdated": "2024-08-06T14:10:56.558Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-3965
Vulnerability from cvelistv5
Published
2022-11-13 00:00
Modified
2024-08-03 01:27
Severity ?
EPSS score ?
Summary
A vulnerability classified as problematic was found in ffmpeg. This vulnerability affects the function smc_encode_stream of the file libavcodec/smcenc.c of the component QuickTime Graphics Video Encoder. The manipulation of the argument y_size leads to out-of-bounds read. The attack can be initiated remotely. The name of the patch is 13c13109759090b7f7182480d075e13b36ed8edd. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-213544.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | unspecified | ffmpeg |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T01:27:53.975Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/13c13109759090b7f7182480d075e13b36ed8edd"
},
{
"tags": [
"x_transferred"
],
"url": "https://vuldb.com/?id.213544"
},
{
"name": "GLSA-202312-14",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202312-14"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ffmpeg",
"vendor": "unspecified",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as problematic was found in ffmpeg. This vulnerability affects the function smc_encode_stream of the file libavcodec/smcenc.c of the component QuickTime Graphics Video Encoder. The manipulation of the argument y_size leads to out-of-bounds read. The attack can be initiated remotely. The name of the patch is 13c13109759090b7f7182480d075e13b36ed8edd. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-213544."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119 Memory Corruption -\u003e CWE-125 Out-of-Bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-23T12:06:20.075798",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"url": "https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/13c13109759090b7f7182480d075e13b36ed8edd"
},
{
"url": "https://vuldb.com/?id.213544"
},
{
"name": "GLSA-202312-14",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202312-14"
}
],
"title": "ffmpeg QuickTime Graphics Video Encoder smcenc.c smc_encode_stream out-of-bounds",
"x_generator": "vuldb.com"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2022-3965",
"datePublished": "2022-11-13T00:00:00",
"dateReserved": "2022-11-13T00:00:00",
"dateUpdated": "2024-08-03T01:27:53.975Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2014-125011
Vulnerability from cvelistv5
Published
2022-06-18 06:15
Modified
2024-08-06 14:10
Severity ?
EPSS score ?
Summary
A vulnerability was found in FFmpeg 2.0. It has been declared as problematic. Affected by this vulnerability is the function decode_frame of the file libavcodec/ansi.c. The manipulation leads to integer coercion error. The attack can be launched remotely. It is recommended to apply a patch to fix this issue.
References
| ▼ | URL | Tags |
|---|---|---|
| http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=d42ec8433c687fcbccefa51a7716d81920218e4f | x_refsource_MISC | |
| https://vuldb.com/?id.12391 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | unspecified | FFmpeg |
Version: 2.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T14:10:56.450Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=d42ec8433c687fcbccefa51a7716d81920218e4f"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://vuldb.com/?id.12391"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "FFmpeg",
"vendor": "unspecified",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Mateusz Jurczyk/Gynvael Coldwind"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in FFmpeg 2.0. It has been declared as problematic. Affected by this vulnerability is the function decode_frame of the file libavcodec/ansi.c. The manipulation leads to integer coercion error. The attack can be launched remotely. It is recommended to apply a patch to fix this issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-192",
"description": "CWE-192 Integer Coercion Error",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-18T06:15:58",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=d42ec8433c687fcbccefa51a7716d81920218e4f"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://vuldb.com/?id.12391"
}
],
"title": "FFmpeg ansi.c decode_frame integer coercion",
"x_generator": "vuldb.com",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cna@vuldb.com",
"ID": "CVE-2014-125011",
"REQUESTER": "cna@vuldb.com",
"STATE": "PUBLIC",
"TITLE": "FFmpeg ansi.c decode_frame integer coercion"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "FFmpeg",
"version": {
"version_data": [
{
"version_value": "2.0"
}
]
}
}
]
},
"vendor_name": ""
}
]
}
},
"credit": "Mateusz Jurczyk/Gynvael Coldwind",
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability was found in FFmpeg 2.0. It has been declared as problematic. Affected by this vulnerability is the function decode_frame of the file libavcodec/ansi.c. The manipulation leads to integer coercion error. The attack can be launched remotely. It is recommended to apply a patch to fix this issue."
}
]
},
"generator": "vuldb.com",
"impact": {
"cvss": {
"baseScore": "5.3",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-192 Integer Coercion Error"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=d42ec8433c687fcbccefa51a7716d81920218e4f",
"refsource": "MISC",
"url": "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=d42ec8433c687fcbccefa51a7716d81920218e4f"
},
{
"name": "https://vuldb.com/?id.12391",
"refsource": "MISC",
"url": "https://vuldb.com/?id.12391"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2014-125011",
"datePublished": "2022-06-18T06:15:58",
"dateReserved": "2022-06-17T00:00:00",
"dateUpdated": "2024-08-06T14:10:56.450Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2014-125016
Vulnerability from cvelistv5
Published
2022-06-18 06:16
Modified
2024-08-06 14:10
Severity ?
EPSS score ?
Summary
A vulnerability was found in FFmpeg 2.0. It has been rated as problematic. This issue affects the function ff_init_buffer_info of the file utils.c. The manipulation leads to memory corruption. The attack may be initiated remotely. It is recommended to apply a patch to fix this issue.
References
| ▼ | URL | Tags |
|---|---|---|
| http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=e5c7229999 | x_refsource_MISC | |
| https://vuldb.com/?id.12365 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | unspecified | FFmpeg |
Version: 2.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T14:10:56.360Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=e5c7229999"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://vuldb.com/?id.12365"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "FFmpeg",
"vendor": "unspecified",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Mateusz Jurczyk/Gynvael Coldwind"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in FFmpeg 2.0. It has been rated as problematic. This issue affects the function ff_init_buffer_info of the file utils.c. The manipulation leads to memory corruption. The attack may be initiated remotely. It is recommended to apply a patch to fix this issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119 Memory Corruption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-18T06:16:07",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=e5c7229999"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://vuldb.com/?id.12365"
}
],
"title": "FFmpeg utils.c ff_init_buffer_info memory corruption",
"x_generator": "vuldb.com",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cna@vuldb.com",
"ID": "CVE-2014-125016",
"REQUESTER": "cna@vuldb.com",
"STATE": "PUBLIC",
"TITLE": "FFmpeg utils.c ff_init_buffer_info memory corruption"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "FFmpeg",
"version": {
"version_data": [
{
"version_value": "2.0"
}
]
}
}
]
},
"vendor_name": ""
}
]
}
},
"credit": "Mateusz Jurczyk/Gynvael Coldwind",
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability was found in FFmpeg 2.0. It has been rated as problematic. This issue affects the function ff_init_buffer_info of the file utils.c. The manipulation leads to memory corruption. The attack may be initiated remotely. It is recommended to apply a patch to fix this issue."
}
]
},
"generator": "vuldb.com",
"impact": {
"cvss": {
"baseScore": "5.3",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-119 Memory Corruption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=e5c7229999",
"refsource": "MISC",
"url": "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=e5c7229999"
},
{
"name": "https://vuldb.com/?id.12365",
"refsource": "MISC",
"url": "https://vuldb.com/?id.12365"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2014-125016",
"datePublished": "2022-06-18T06:16:07",
"dateReserved": "2022-06-17T00:00:00",
"dateUpdated": "2024-08-06T14:10:56.360Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}