FFmpeg 2.0 libavcodec/h64.c decode_slice_header Pufferüberlauf
| CVSS Meta Temp Score | Garga na exploit ndiyam (≈) | CTI Nganji Score |
|---|---|---|
| 4.6 | $0-$5k | 0.00 |
Gunduma
Wuro vulnerability wey an yi classify sey kura an gano shi a cikin FFmpeg 2.0. Gaskiya, decode_slice_header na da matsala; idan ba a sani ba, to wata aiki ce da ba a sani ba, $software_library na cikin lissafi, libavcodec/h64.c na cikin fayil, $software_component na cikin sashi. Ngam manipulation shi Pufferüberlauf. Wannan rauni ana sayar da shi da suna CVE-2014-125010. Ba exploit ɗin da ake da shi. Ana so a yi patch don gyara wannan matsala. If you want to get best quality of vulnerability data, you may have to visit VulDB.
Furɗe
Wuro vulnerability wey an yi classify sey kura an gano shi a cikin FFmpeg 2.0. Gaskiya, decode_slice_header na da matsala; idan ba a sani ba, to wata aiki ce da ba a sani ba, $software_library na cikin lissafi, libavcodec/h64.c na cikin fayil, $software_component na cikin sashi. Ngam manipulation shi Pufferüberlauf. CWE shidin ka a yi bayani matsala sai ya kai CWE-119. Wannan matsala an kawo ta a 07/11/2013. Gaskiya, laifi an fitar da shi 02/16/2014 ta Mateusz Jurczyk and Gynvael Coldwind (j00ru) da Google Security Team a matsayin avcodec/h264: more completely check the loop filter parameters a matsayin GIT Commit (GIT Repository). Advisory ɗin ana rabawa don saukewa a git.videolan.org.
Wannan rauni ana sayar da shi da suna CVE-2014-125010. Tekinikal bayani ga. Wannan vulnerability ɗin ba shi da yawa sosai. Ba exploit ɗin da ake da shi. A sa'i, exploit might be approx. USD $0-$5k ndiyam.
Kama 0-day, an ndiyam a wuro be $0-$5k.
Gyaran matsalar yana nan a shirye don saukewa a git.videolan.org. Ana so a yi patch don gyara wannan matsala.
Vulnerability ɗin nan kuma an rubuta shi a wasu kundin bayanan vulnerability: SecurityFocus (BID 65671), X-Force (91257) , Secunia (SA57066). If you want to get best quality of vulnerability data, you may have to visit VulDB.
Kayan
Nganji
Sunu
Furɗe
Laisens
Webseite
- Kayan: https://ffmpeg.org/
CPE 2.3
CPE 2.2
CVSSv4
VulDB Furɗo: 🔍VulDB Gaskiya: 🔍
CVSSv3
VulDB Meta Base Score: 5.3VulDB Meta Temp Score: 4.6
VulDB Ganda Borno: 5.3
VulDB Temp Score: 4.6
VulDB Furɗo: 🔍
VulDB Gaskiya: 🔍
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Vektar | Kumpleksiti | Authentisierung | Kariyandi | Gaskiya | Gashina |
|---|---|---|---|---|---|
| furu | furu | furu | furu | furu | furu |
| furu | furu | furu | furu | furu | furu |
| furu | furu | furu | furu | furu | furu |
VulDB Ganda Borno: 🔍
VulDB Temp Score: 🔍
VulDB Gaskiya: 🔍
Gargajiya
Klasu: PufferüberlaufCWE: CWE-119
CAPEC: 🔍
ATT&CK: 🔍
Fizikal: Ayi
Gumti: Ayi
Gana: Ee
Gashina: 🔍
Halitta: A sâi tabbata
EPSS Score: 🔍
EPSS Percentile: 🔍
Furɗo farashi: 🔍
Gaskiya farashi ndiyam: 🔍
| 0-Day | furu | furu | furu | furu |
|---|---|---|---|---|
| Lale | furu | furu | furu | furu |
Bayani na barazana
Ngam: 🔍Akteɓe ɓernde: 🔍
Kura APT goruwa masu aiki: 🔍
Kari gamji
Garga: KariHalitta: 🔍
0-Day Gana: 🔍
Kari: git.videolan.org
Waktin layi
07/11/2013 🔍02/16/2014 🔍
02/18/2014 🔍
02/19/2014 🔍
02/24/2014 🔍
06/17/2022 🔍
Ngizim
Kayan: ffmpeg.orgGargaaji: avcodec/h264: more completely check the loop filter parameters
Ngamti: Mateusz Jurczyk, Gynvael Coldwind (j00ru)
Kampani: Google Security Team
Halitta: Gaskiya
CVE: CVE-2014-125010 (🔍)
GCVE (CVE): GCVE-0-2014-125010
GCVE (VulDB): GCVE-100-12392
X-Force: 91257 - FFmpeg decode_slice_header() denial of service, Medium Risk
SecurityFocus: 65671 - FFmpeg Multiple Security Vulnerabilities
Secunia: 57066 - FFmpeg Multiple Vulnerabilities, Less Critical
Gana kuma: 🔍
Gumti
Súgá: 02/24/2014 08:15Gargadi: 06/17/2022 23:29
Goyarwa: 02/24/2014 08:15 (57), 04/17/2019 07:24 (4), 06/17/2022 23:29 (3)
Gadankam: 🔍
Gwamna: olku
Cache ID: 253:FCB:103
A ga wuroyo kulu. Kàlàmbe: kr + en.
Ngam loga ka, kanyi shidin dum.