Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2018-7557

Опубликовано: 28 фев. 2018
Источник: debian
EPSS Низкий

Описание

The decode_init function in libavcodec/utvideodec.c in FFmpeg 2.8 through 3.4.2 allows remote attackers to cause a denial of service (Out of array read) via an AVI file with crafted dimensions within chroma subsampling data.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
ffmpegfixed7:3.4.3-1package
libavremovedpackage

Примечания

  • https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/7414d0bda7763f9bd69c26c068e482ab297c1c96

  • Fixed in 3.2.11

EPSS

Процентиль: 77%
0.01067
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2018-7557

CVSS3: 6.5
ubuntu
почти 8 лет назад

The decode_init function in libavcodec/utvideodec.c in FFmpeg 2.8 through 3.4.2 allows remote attackers to cause a denial of service (Out of array read) via an AVI file with crafted dimensions within chroma subsampling data.

nvd логотип

CVE-2018-7557

CVSS3: 6.5
nvd
почти 8 лет назад

The decode_init function in libavcodec/utvideodec.c in FFmpeg 2.8 through 3.4.2 allows remote attackers to cause a denial of service (Out of array read) via an AVI file with crafted dimensions within chroma subsampling data.

github логотип

GHSA-6wh2-f463-c2vf

CVSS3: 6.5
github
больше 3 лет назад

The decode_init function in libavcodec/utvideodec.c in FFmpeg 2.8 through 3.4.2 allows remote attackers to cause a denial of service (Out of array read) via an AVI file with crafted dimensions within chroma subsampling data.

EPSS

Процентиль: 77%
0.01067
Низкий