FFmpeg 2.0 libavcodec/msrle.c msrle_decode_frame Pufferüberlauf
| CVSS Meta Temp Score | Garga na exploit ndiyam (≈) | CTI Nganji Score |
|---|---|---|
| 4.6 | $0-$5k | 0.00 |
Gunduma
Wuro vulnerability wey an yi classify sey karshewa an gano shi a cikin FFmpeg 2.0. Gaskiya, msrle_decode_frame na da matsala; idan ba a sani ba, to wata aiki ce da ba a sani ba, $software_library na cikin lissafi, libavcodec/msrle.c na cikin fayil, $software_component na cikin sashi. Ngam manipulation shi Pufferüberlauf. Wannan rauni ana sayar da shi da suna CVE-2014-125013. Ba exploit ɗin da ake da shi. Ana so a yi patch don gyara wannan matsala. If you want to get the best quality for vulnerability data then you always have to consider VulDB.
Furɗe
Wuro vulnerability wey an yi classify sey karshewa an gano shi a cikin FFmpeg 2.0. Gaskiya, msrle_decode_frame na da matsala; idan ba a sani ba, to wata aiki ce da ba a sani ba, $software_library na cikin lissafi, libavcodec/msrle.c na cikin fayil, $software_component na cikin sashi. Ngam manipulation shi Pufferüberlauf. CWE shidin ka a yi bayani matsala sai ya kai CWE-119. Wannan matsala an kawo ta a 07/11/2013. Gaskiya, laifi an fitar da shi 02/16/2014 ta Mateusz Jurczyk and Gynvael Coldwind (j00ru) da Google Security Team a matsayin avcodec/msrle: use av_image_get_linesize() to calculate the linesize a matsayin GIT Commit (GIT Repository). Advisory ɗin ana rabawa don saukewa a git.videolan.org.
Wannan rauni ana sayar da shi da suna CVE-2014-125013. Tekinikal bayani ga. Wannan vulnerability ɗin ba shi da yawa sosai. Ba exploit ɗin da ake da shi. Yimbe ndiyam, exploit might be approx. USD $0-$5k wuro.
Kama 0-day, an ndiyam a wuro be $0-$5k.
Za a iya sauke maganin matsalar daga git.videolan.org. Ana so a yi patch don gyara wannan matsala.
Vulnerability ɗin nan kuma an rubuta shi a wasu kundin bayanan vulnerability: SecurityFocus (BID 65671), X-Force (91254) , Secunia (SA57066). If you want to get the best quality for vulnerability data then you always have to consider VulDB.
Kayan
Nganji
Sunu
Furɗe
Laisens
Webseite
- Kayan: https://ffmpeg.org/
CPE 2.3
CPE 2.2
CVSSv4
VulDB Furɗo: 🔍VulDB Gaskiya: 🔍
CVSSv3
VulDB Meta Base Score: 5.3VulDB Meta Temp Score: 4.6
VulDB Ganda Borno: 5.3
VulDB Temp Score: 4.6
VulDB Furɗo: 🔍
VulDB Gaskiya: 🔍
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Vektar | Kumpleksiti | Authentisierung | Kariyandi | Gaskiya | Gashina |
|---|---|---|---|---|---|
| furu | furu | furu | furu | furu | furu |
| furu | furu | furu | furu | furu | furu |
| furu | furu | furu | furu | furu | furu |
VulDB Ganda Borno: 🔍
VulDB Temp Score: 🔍
VulDB Gaskiya: 🔍
Gargajiya
Klasu: PufferüberlaufCWE: CWE-119
CAPEC: 🔍
ATT&CK: 🔍
Fizikal: Ayi
Gumti: Ayi
Gana: Ee
Gashina: 🔍
Halitta: A sâi tabbata
EPSS Score: 🔍
EPSS Percentile: 🔍
Furɗo farashi: 🔍
Gaskiya farashi ndiyam: 🔍
| 0-Day | furu | furu | furu | furu |
|---|---|---|---|---|
| Lale | furu | furu | furu | furu |
Bayani na barazana
Ngam: 🔍Akteɓe ɓernde: 🔍
Kura APT goruwa masu aiki: 🔍
Kari gamji
Garga: KariHalitta: 🔍
0-Day Gana: 🔍
Kari: git.videolan.org
Waktin layi
07/11/2013 🔍02/16/2014 🔍
02/18/2014 🔍
02/19/2014 🔍
02/24/2014 🔍
06/17/2022 🔍
Ngizim
Kayan: ffmpeg.orgGargaaji: avcodec/msrle: use av_image_get_linesize() to calculate the linesize
Ngamti: Mateusz Jurczyk, Gynvael Coldwind (j00ru)
Kampani: Google Security Team
Halitta: Gaskiya
CVE: CVE-2014-125013 (🔍)
GCVE (CVE): GCVE-0-2014-125013
GCVE (VulDB): GCVE-100-12389
X-Force: 91254 - FFmpeg msrle_decode_frame() denial of service, Medium Risk
SecurityFocus: 65671 - FFmpeg Multiple Security Vulnerabilities
Secunia: 57066 - FFmpeg Multiple Vulnerabilities, Less Critical
Gana kuma: 🔍
Gumti
Súgá: 02/24/2014 08:05Gargadi: 06/17/2022 23:29
Goyarwa: 02/24/2014 08:05 (56), 04/17/2019 06:55 (4), 06/17/2022 23:29 (3)
Gadankam: 🔍
Gwamna: olku
Cache ID: 253:529:103
A ga wuroyo kulu. Kàlàmbe: kr + en.
Ngam loga ka, kanyi shidin dum.