Описание
Integer overflow in the vp3_dequant function in the VP3 decoder (vp3.c) in libavcodec in FFmpeg 0.5.x before 0.5.7, 0.6.x before 0.6.4, 0.7.x before 0.7.9, and 0.8.x before 0.8.8; and in Libav 0.5.x before 0.5.6, 0.6.x before 0.6.4, and 0.7.x before 0.7.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted VP3 stream, which triggers a buffer overflow.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| hardy | ignored | end of life |
| lucid | not-affected | code not present |
| maverick | released | 4:0.6-2ubuntu6.3 |
| natty | DNE | |
| oneiric | DNE | |
| upstream | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| hardy | DNE | |
| lucid | not-affected | code not present |
| maverick | released | 4:0.6-2ubuntu3.3 |
| natty | DNE | |
| oneiric | DNE | |
| upstream | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 4:0.7.3-2ubuntu1 |
| hardy | DNE | |
| lucid | DNE | |
| maverick | DNE | |
| natty | released | 4:0.6.4-0ubuntu0.11.04.1 |
| oneiric | released | 4:0.7.3-0ubuntu0.11.10.1 |
| upstream | released | 0.7.3 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 4:0.7.3ubuntu1 |
| hardy | DNE | |
| lucid | DNE | |
| maverick | DNE | |
| natty | released | 4:0.6.4-1ubuntu1 |
| oneiric | released | 4:0.7.3ubuntu0.11.10.1 |
| upstream | needs-triage |
Показывать по
EPSS
6.8 Medium
CVSS2
Связанные уязвимости
Integer overflow in the vp3_dequant function in the VP3 decoder (vp3.c) in libavcodec in FFmpeg 0.5.x before 0.5.7, 0.6.x before 0.6.4, 0.7.x before 0.7.9, and 0.8.x before 0.8.8; and in Libav 0.5.x before 0.5.6, 0.6.x before 0.6.4, and 0.7.x before 0.7.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted VP3 stream, which triggers a buffer overflow.
Integer overflow in the vp3_dequant function in the VP3 decoder (vp3.c ...
Integer overflow in the vp3_dequant function in the VP3 decoder (vp3.c) in libavcodec in FFmpeg 0.5.x before 0.5.7, 0.6.x before 0.6.4, 0.7.x before 0.7.9, and 0.8.x before 0.8.8; and in Libav 0.5.x before 0.5.6, 0.6.x before 0.6.4, and 0.7.x before 0.7.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted VP3 stream, which triggers a buffer overflow.
EPSS
6.8 Medium
CVSS2