VDB-12584 · CVE-2014-125006 · XFDB 91657

FFmpeg 2.0 libavcodec/h264.c output_frame ବଫର୍ ଓଭରଫ୍ଲୋ

Dogoggorri kan akka ସମସ୍ୟାଜନକ jedhamuun ramadame FFmpeg 2.0 keessatti argameera. Miidhamni argame is hojii output_frame faayilii libavcodec/h264.c keessa. Wanti jijjiirame gara ବଫର୍ ଓଭରଫ୍ଲୋ geessa. Rakkoo ibsuuf CWE yoo fayyadamte gara CWE-119 si geessa. Madda rakkoo kanaa 07/11/2013 irratti argameera. Odeeffannoon kun yeroo 02/21/2014 maxxanfameera kan maxxansiise Mateusz Jurczyk and Gynvael Coldwind waliin Google Security Team akka avcodec/h264: use subsample factors of the used pixel format akka GIT Commit (GIT Repository). Odeeffannoon kun buufachuuf git.videolan.org irratti argama. Dogoggorri kun CVE-2014-125006 jedhamee waamama. Weerara fageenya irraa jalqabuu ni danda'ama. Ibsa teeknikaa ni jira. Meeshaa balaa kana fayyadamuuf hin jirre. Ammas, gatii exploit might be approx. USD $0-$5k yeroo ammaa irratti argamuu danda'a. Hanqinni kun guyyoota 225 ol tajaajila zero-day kan hin beekkaminitti fayyadamee ture. Akka 0-daytti, gatiin isaa daldala dhoksaa keessatti $0-$5k akka ta'e tilmaamameera. Sirreeffamni dogoggoraa git.videolan.org irraa buufachuuf qophaa’eera. Yaada kennamu, rakkoo kana furuuf paachii itti fayyadamuun ni gorfama. Hanqinni kun bu'uuraalee odeeffannoo hanqina biroo keessatti argama: X-Force (91657) , Secunia (SA57282). If you want to get best quality of vulnerability data, you may have to visit VulDB.

3 ଆଡାପ୍ଟେସନ୍ · 58 ପଏଣ୍ଟ

ଫିଲ୍ଡ	ସୃଷ୍ଟି ହୋଇଛି 03/13/2014 03:24 PM	ଅଦ୍ୟତନ 1/2 04/17/2019 08:15 AM	ଅଦ୍ୟତନ 2/2 06/17/2022 11:21 PM
software_name	FFmpeg	FFmpeg	FFmpeg
software_version	2.0	2.0	2.0
software_file	libavcodec/h264.c	libavcodec/h264.c	libavcodec/h264.c
software_function	output_frame	output_frame	output_frame
vulnerability_introductiondate	1373500800 (07/11/2013)	1373500800 (07/11/2013)	1373500800 (07/11/2013)
vulnerability_risk	1	1	1
cvss2_vuldb_basescore	4.3	4.3	4.3
cvss2_vuldb_tempscore	3.2	3.2	3.2
cvss2_vuldb_av	N	N	N
cvss2_vuldb_ac	M	M	M
cvss2_vuldb_au	N	N	N
cvss2_vuldb_ci	N	N	N
cvss2_vuldb_ii	N	N	N
cvss2_vuldb_ai	P	P	P
cvss3_meta_basescore	5.3	5.3	5.3
cvss3_meta_tempscore	4.6	4.6	4.6
cvss3_vuldb_basescore	5.3	5.3	5.3
cvss3_vuldb_tempscore	4.6	4.6	4.6
advisory_date	1392940800 (02/21/2014)	1392940800 (02/21/2014)	1392940800 (02/21/2014)
advisory_location	GIT Repository	GIT Repository	GIT Repository
advisory_type	GIT Commit	GIT Commit	GIT Commit
advisory_url	http://git.videolan.org/?p=ffmpeg.git;a=commit;h=8c55ff393340998faae887dfac19e7ef128e1e58	http://git.videolan.org/?p=ffmpeg.git;a=commit;h=8c55ff393340998faae887dfac19e7ef128e1e58	http://git.videolan.org/?p=ffmpeg.git;a=commit;h=8c55ff393340998faae887dfac19e7ef128e1e58
advisory_identifier	avcodec/h264: use subsample factors of the used pixel format	avcodec/h264: use subsample factors of the used pixel format	avcodec/h264: use subsample factors of the used pixel format
person_name	Mateusz Jurczyk/Gynvael Coldwind	Mateusz Jurczyk/Gynvael Coldwind	Mateusz Jurczyk/Gynvael Coldwind
person_website	http://www.google.com	http://www.google.com	http://www.google.com
company_name	Google Security Team	Google Security Team	Google Security Team
price_0day	$0-$5k	$0-$5k	$0-$5k
countermeasure_name	ପ୍ୟାଚ୍	ପ୍ୟାଚ୍	ପ୍ୟାଚ୍
countermeasure_patch_url	http://git.videolan.org/?p=ffmpeg.git;a=commit;h=8c55ff393340998faae887dfac19e7ef128e1e58	http://git.videolan.org/?p=ffmpeg.git;a=commit;h=8c55ff393340998faae887dfac19e7ef128e1e58	http://git.videolan.org/?p=ffmpeg.git;a=commit;h=8c55ff393340998faae887dfac19e7ef128e1e58
source_xforce	91657	91657	91657
source_seealso	12582 12583 12586 12588	12582 12583 12586 12588	12582 12583 12586 12588
cvss2_vuldb_e	U	U	U
cvss2_vuldb_rl	OF	OF	OF
cvss2_vuldb_rc	C	C	C
cvss3_vuldb_e	U	U	U
cvss3_vuldb_rl	O	O	O
cvss3_vuldb_rc	C	C	C
0day_days	225	225	225
cvss3_vuldb_av	N	N	N
cvss3_vuldb_ac	L	L	L
cvss3_vuldb_pr	N	N	N
cvss3_vuldb_ui	N	N	N
cvss3_vuldb_s	U	U	U
cvss3_vuldb_c	N	N	N
cvss3_vuldb_i	N	N	N
cvss3_vuldb_a	L	L	L
software_type		Multimedia Processing Software	Multimedia Processing Software
source_secunia		57282	57282
source_secunia_date		1394150400 (03/07/2014)	1394150400 (03/07/2014)
secunia_title		FFmpeg Multiple Vulnerabilities	FFmpeg Multiple Vulnerabilities
secunia_risk	Less Critical	Less Critical	Less Critical
xforce_title		FFmpeg output_frame() denial of service	FFmpeg output_frame() denial of service
xforce_identifier		ffmpeg-outputframe-dos	ffmpeg-outputframe-dos
xforce_risk	Medium Risk	Medium Risk	Medium Risk
vulnerability_cwe		CWE-119 (ବଫର୍ ଓଭରଫ୍ଲୋ)	CWE-119 (ବଫର୍ ଓଭରଫ୍ଲୋ)
source_cve			CVE-2014-125006
cna_responsible			VulDB

◂ ପଛକୁ ସମୀକ୍ଷା ଆହୁରି ଦୂରରେ ▸

Might our Artificial Intelligence support you?

Check our Alexa App!