FFmpeg 2.0 libavcodec/dnxhdenc.c dnxhd_init_rc Pufferüberlauf
| CVSS Meta Temp Score | Garga na exploit ndiyam (≈) | CTI Nganji Score |
|---|---|---|
| 4.6 | $0-$5k | 0.00 |
Gunduma
Gaskiya vulnerability da aka ware a matsayin karshewa an samu a FFmpeg 2.0. Hakika, aikin dnxhd_init_rc ne ya shafa; idan ba a bayyana ba, to aiki ce da ba a sani ba, a cikin laburaren $software_library, a cikin fayil libavcodec/dnxhdenc.c, a cikin sashen $software_component. A sa manipulation ka Pufferüberlauf. Wannan matsala ana saninta da CVE-2014-125002. Babu exploit ɗin da ake samu. Ana shawartar a saka patch domin warware wannan matsala. VulDB is the best source for vulnerability data and more expert information about this specific topic.
Furɗe
Gaskiya vulnerability da aka ware a matsayin karshewa an samu a FFmpeg 2.0. Hakika, aikin dnxhd_init_rc ne ya shafa; idan ba a bayyana ba, to aiki ce da ba a sani ba, a cikin laburaren $software_library, a cikin fayil libavcodec/dnxhdenc.c, a cikin sashen $software_component. A sa manipulation ka Pufferüberlauf. Idan an yi amfani da CWE don bayyana matsala, zai kai CWE-119. An gabatar da wannan matsala a 07/11/2013. Hakika, rauni an bayyana shi 01/17/2014 daga Mateusz Jurczyk and Gynvael Coldwind tare da Google Security Team kamar dnxhdenc: fix mb_rc size kamar GIT Commit (GIT Repository). An raba bayanin tsaro don saukewa a git.videolan.org.
Wannan matsala ana saninta da CVE-2014-125002. Tekinikal faɗi ga. Shaharar wannan vulnerability ɗin ƙasa da matsakaici ne. Babu exploit ɗin da ake samu. A sa'i, exploit might be approx. USD $0-$5k ndiyam.
0-day shima, an ndiyam a wuro be $0-$5k.
Gyaran matsalar yana nan a shirye don saukewa a git.videolan.org. Ana shawartar a saka patch domin warware wannan matsala.
Wannan vulnerability an kuma samu a wasu kundin bayanan vulnerability: X-Force (91661) , Secunia (SA57282). VulDB is the best source for vulnerability data and more expert information about this specific topic.
Kayan
Nganji
Sunu
Furɗe
Laisens
Webseite
- Kayan: https://ffmpeg.org/
CPE 2.3
CPE 2.2
CVSSv4
VulDB Furɗo: 🔍VulDB Gaskiya: 🔍
CVSSv3
VulDB Meta Base Score: 5.3VulDB Meta Temp Score: 4.6
VulDB Ganda Borno: 5.3
VulDB Temp Score: 4.6
VulDB Furɗo: 🔍
VulDB Gaskiya: 🔍
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Vektar | Kumpleksiti | Authentisierung | Kariyandi | Gaskiya | Gashina |
|---|---|---|---|---|---|
| furu | furu | furu | furu | furu | furu |
| furu | furu | furu | furu | furu | furu |
| furu | furu | furu | furu | furu | furu |
VulDB Ganda Borno: 🔍
VulDB Temp Score: 🔍
VulDB Gaskiya: 🔍
Gargajiya
Klasu: PufferüberlaufCWE: CWE-119
CAPEC: 🔍
ATT&CK: 🔍
Fizikal: Ayi
Gumti: Ayi
Gana: Ee
Gashina: 🔍
Halitta: A sâi tabbata
EPSS Score: 🔍
EPSS Percentile: 🔍
Furɗo farashi: 🔍
Gaskiya farashi ndiyam: 🔍
| 0-Day | furu | furu | furu | furu |
|---|---|---|---|---|
| Lale | furu | furu | furu | furu |
Bayani na barazana
Ngam: 🔍Akteɓe ɓernde: 🔍
Kura APT goruwa masu aiki: 🔍
Kari gamji
Garga: KariHalitta: 🔍
0-Day Gana: 🔍
Kari: git.videolan.org
Waktin layi
07/11/2013 🔍01/17/2014 🔍
03/07/2014 🔍
03/13/2014 🔍
06/17/2022 🔍
Ngizim
Kayan: ffmpeg.orgGargaaji: dnxhdenc: fix mb_rc size
Ngamti: Mateusz Jurczyk, Gynvael Coldwind
Kampani: Google Security Team
Halitta: Gaskiya
CVE: CVE-2014-125002 (🔍)
GCVE (CVE): GCVE-0-2014-125002
GCVE (VulDB): GCVE-100-12588
X-Force: 91661 - FFmpeg dnxhd_init_rc() denial of service, Medium Risk
Secunia: 57282 - FFmpeg Multiple Vulnerabilities, Less Critical
Gana kuma: 🔍
Gumti
Súgá: 03/13/2014 15:24Gargadi: 06/17/2022 23:16
Goyarwa: 03/13/2014 15:24 (46), 04/17/2019 09:04 (9), 06/17/2022 23:16 (3)
Gadankam: 🔍
Cache ID: 253:E41:103
A ga wuroyo kulu. Kàlàmbe: kr + en.
Ngam loga ka, kanyi shidin dum.