Описание
FFmpeg 0.5 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted MOV container with improperly ordered tags that cause (1) mov.c and (2) utils.c to use inconsistent codec types and identifiers, leading to processing of a video-structure pointer by the mp3 decoder, and a stack-based buffer overflow.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | ignored | end of life |
| devel | not-affected | 4:0.5.1-1ubuntu1 |
| hardy | not-affected | could not reproduce |
| intrepid | ignored | end of life, was needed |
| jaunty | ignored | end of life |
| karmic | not-affected | could not reproduce |
| lucid | not-affected | 4:0.5.1-1ubuntu1 |
| maverick | not-affected | 4:0.5.1-1ubuntu1 |
| upstream | needed |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | DNE | |
| hardy | DNE | |
| intrepid | not-affected | could not reproduce |
| jaunty | not-affected | could not reproduce |
| karmic | DNE | |
| lucid | DNE | |
| maverick | DNE | |
| upstream | needed |
Показывать по
EPSS
9.3 Critical
CVSS2
Связанные уязвимости
FFmpeg 0.5 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted MOV container with improperly ordered tags that cause (1) mov.c and (2) utils.c to use inconsistent codec types and identifiers, leading to processing of a video-structure pointer by the mp3 decoder, and a stack-based buffer overflow.
FFmpeg 0.5 allows remote attackers to cause a denial of service and po ...
FFmpeg 0.5 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted MOV container with improperly ordered tags that cause (1) mov.c and (2) utils.c to use inconsistent codec types and identifiers, leading to processing of a video-structure pointer by the mp3 decoder, and a stack-based buffer overflow.
Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
EPSS
9.3 Critical
CVSS2