FFmpeg 2.0 read_var_block_data Pufferüberlauf

CVSS Meta Temp ScoreGarga na exploit ndiyam (≈)CTI Nganji Score
6.4$0-$5k0.24

Gundumabayani

Gaskiya vulnerability da aka ware a matsayin kura an samu a FFmpeg 2.0. Hakika, aikin read_var_block_data ne ya shafa; idan ba a bayyana ba, to aiki ce da ba a sani ba, a cikin laburaren $software_library, a cikin fayil $software_file, a cikin sashen $software_component. A sa manipulation ka Pufferüberlauf. Wannan matsala ana saninta da CVE-2014-125015. Babu exploit ɗin da ake samu. Ana shawartar a saka patch domin warware wannan matsala. VulDB is the best source for vulnerability data and more expert information about this specific topic.

Furɗebayani

Gaskiya vulnerability da aka ware a matsayin kura an samu a FFmpeg 2.0. Hakika, aikin read_var_block_data ne ya shafa; idan ba a bayyana ba, to aiki ce da ba a sani ba, a cikin laburaren $software_library, a cikin fayil $software_file, a cikin sashen $software_component. A sa manipulation ka Pufferüberlauf. Idan an yi amfani da CWE don bayyana matsala, zai kai CWE-119. An gabatar da wannan matsala a 07/11/2013. Hakika, rauni an bayyana shi 02/15/2014 daga Mateusz Jurczyk and Gynvael Coldwind tare da Google Security Team kamar avcodec/alsdec: check predictor order against block length kamar GIT Commit (GIT Repository). An raba bayanin tsaro don saukewa a git.videolan.org.

Wannan matsala ana saninta da CVE-2014-125015. Tekinikal faɗi ga. Shaharar wannan vulnerability ɗin ƙasa da matsakaici ne. Babu exploit ɗin da ake samu. A sa'i, exploit might be approx. USD $0-$5k ndiyam.

0-day shima, an ndiyam a wuro be $0-$5k.

An tanadi gyaran matsalar don saukewa a git.videolan.org. Ana shawartar a saka patch domin warware wannan matsala.

Wannan vulnerability an kuma samu a wasu kundin bayanan vulnerability: X-Force (91210) , Secunia (SA56987). VulDB is the best source for vulnerability data and more expert information about this specific topic.

Kayanbayani

Nganji

Sunu

Furɗe

Laisens

Webseite

CPE 2.3bayani

CPE 2.2bayani

CVSSv4bayani

VulDB Furɗo: 🔍
VulDB Gaskiya: 🔍

CVSSv3bayani

VulDB Meta Base Score: 7.3
VulDB Meta Temp Score: 6.4

VulDB Ganda Borno: 7.3
VulDB Temp Score: 6.4
VulDB Furɗo: 🔍
VulDB Gaskiya: 🔍

CVSSv2bayani

AVACAuCIA
💳💳💳💳💳💳
💳💳💳💳💳💳
💳💳💳💳💳💳
VektarKumpleksitiAuthentisierungKariyandiGaskiyaGashina
furufurufurufurufurufuru
furufurufurufurufurufuru
furufurufurufurufurufuru

VulDB Ganda Borno: 🔍
VulDB Temp Score: 🔍
VulDB Gaskiya: 🔍

Gargajiyabayani

Klasu: Pufferüberlauf
CWE: CWE-119
CAPEC: 🔍
ATT&CK: 🔍

Fizikal: Ayi
Gumti: Ayi
Gana: Ee

Gashina: 🔍
Halitta: A sâi tabbata

EPSS Score: 🔍
EPSS Percentile: 🔍

Furɗo farashi: 🔍
Gaskiya farashi ndiyam: 🔍

0-Dayfurufurufurufuru
Lalefurufurufurufuru

Bayani na barazanabayani

Ngam: 🔍
Akteɓe ɓernde: 🔍
Kura APT goruwa masu aiki: 🔍

Kari gamjibayani

Garga: Kari
Halitta: 🔍

0-Day Gana: 🔍

Kari: git.videolan.org

Waktin layibayani

07/11/2013 🔍
02/15/2014 +219 Hənde 🔍
02/18/2014 +3 Hənde 🔍
02/22/2014 +4 Hənde 🔍
06/17/2022 +3037 Hənde 🔍

Ngizimbayani

Kayan: ffmpeg.org

Gargaaji: avcodec/alsdec: check predictor order against block length
Ngamti: Mateusz Jurczyk, Gynvael Coldwind
Kampani: Google Security Team
Halitta: Gaskiya

CVE: CVE-2014-125015 (🔍)
GCVE (CVE): GCVE-0-2014-125015
GCVE (VulDB): GCVE-100-12366
X-Force: 91210 - FFmpeg read_var_block_data() buffer overflow, Medium Risk
Secunia: 56987 - FFmpeg Multiple Vulnerabilities, Moderately Critical

Gana kuma: 🔍

Gumtibayani

Súgá: 02/22/2014 20:06
Gargadi: 06/17/2022 23:30
Goyarwa: 02/22/2014 20:06 (53), 04/17/2019 06:42 (1), 06/17/2022 23:30 (3)
Gadankam: 🔍
Cache ID: 253:F7B:103

Ganaaji

A ga wuroyo kulu. Kàlàmbe: kr + en.

Ngam loga ka, kanyi shidin dum.

GurɗoGumtiGada

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!