Описание
Integer overflow in the get_len function in libavutil/lzo.c in FFmpeg before 0.10.14, 1.1.x before 1.1.12, 1.2.x before 1.2.7, 2.0.x before 2.0.5, 2.1.x before 2.1.5, and 2.2.x before 2.2.4 allows remote attackers to execute arbitrary code via a crafted Literal Run.
Отчет
Not vulnerable. This issue does not affect the version of qffmpeg as shipped with Red Hat Enterprise Linux 5. This issue does not affect the version of gstreamer-plugins-good as shipped with Red Hat Enterprise Linux 5, 6 and 7. This issue does not affect the version of gstreamer1-plugins-good as shipped with Red Hat Enterprise Linux 7.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | gstreamer-plugins-good | Not affected | ||
| Red Hat Enterprise Linux 5 | qffmpeg | Not affected | ||
| Red Hat Enterprise Linux 6 | gstreamer-plugins-good | Not affected | ||
| Red Hat Enterprise Linux 7 | gstreamer1-plugins-good | Not affected | ||
| Red Hat Enterprise Linux 7 | gstreamer-plugins-good | Not affected |
Показывать по
Дополнительная информация
Статус:
5.1 Medium
CVSS2
Связанные уязвимости
Integer overflow in the get_len function in libavutil/lzo.c in FFmpeg before 0.10.14, 1.1.x before 1.1.12, 1.2.x before 1.2.7, 2.0.x before 2.0.5, 2.1.x before 2.1.5, and 2.2.x before 2.2.4 allows remote attackers to execute arbitrary code via a crafted Literal Run.
Integer overflow in the get_len function in libavutil/lzo.c in FFmpeg before 0.10.14, 1.1.x before 1.1.12, 1.2.x before 1.2.7, 2.0.x before 2.0.5, 2.1.x before 2.1.5, and 2.2.x before 2.2.4 allows remote attackers to execute arbitrary code via a crafted Literal Run.
Integer overflow in the get_len function in libavutil/lzo.c in FFmpeg ...
Integer overflow in the get_len function in libavutil/lzo.c in FFmpeg before 0.10.14, 1.1.x before 1.1.12, 1.2.x before 1.2.7, 2.0.x before 2.0.5, 2.1.x before 2.1.5, and 2.2.x before 2.2.4 allows remote attackers to execute arbitrary code via a crafted Literal Run.
5.1 Medium
CVSS2