Описание
Buffer overflow in the Sierra VMD decoder in libavcodec in FFmpeg 0.5.x before 0.5.7, 0.6.x before 0.6.4, 0.7.x before 0.7.9 and 0.8.x before 0.8.8; and in Libav 0.5.x before 0.5.6, 0.6.x before 0.6.4, and 0.7.x before 0.7.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted VMD file, related to corrupted streams.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| hardy | ignored | end of life |
| lucid | released | 4:0.5.1-1ubuntu1.3 |
| maverick | released | 4:0.6-2ubuntu6.3 |
| natty | DNE | |
| oneiric | DNE | |
| upstream | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| hardy | DNE | |
| lucid | released | 4:0.5.1-1ubuntu1.3 |
| maverick | released | 4:0.6-2ubuntu3.3 |
| natty | DNE | |
| oneiric | DNE | |
| upstream | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 4:0.7.3-2ubuntu1 |
| hardy | DNE | |
| lucid | DNE | |
| maverick | DNE | |
| natty | released | 4:0.6.4-0ubuntu0.11.04.1 |
| oneiric | released | 4:0.7.3-0ubuntu0.11.10.1 |
| upstream | released | 0.7.3 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 4:0.7.3ubuntu1 |
| hardy | DNE | |
| lucid | DNE | |
| maverick | DNE | |
| natty | released | 4:0.6.4-1ubuntu1 |
| oneiric | released | 4:0.7.3ubuntu0.11.10.1 |
| upstream | needs-triage |
Показывать по
EPSS
6.8 Medium
CVSS2
Связанные уязвимости
Buffer overflow in the Sierra VMD decoder in libavcodec in FFmpeg 0.5.x before 0.5.7, 0.6.x before 0.6.4, 0.7.x before 0.7.9 and 0.8.x before 0.8.8; and in Libav 0.5.x before 0.5.6, 0.6.x before 0.6.4, and 0.7.x before 0.7.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted VMD file, related to corrupted streams.
Buffer overflow in the Sierra VMD decoder in libavcodec in FFmpeg 0.5. ...
Buffer overflow in the Sierra VMD decoder in libavcodec in FFmpeg 0.5.x before 0.5.7, 0.6.x before 0.6.4, 0.7.x before 0.7.9 and 0.8.x before 0.8.8; and in Libav 0.5.x before 0.5.6, 0.6.x before 0.6.4, and 0.7.x before 0.7.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted VMD file, related to corrupted streams.
Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
EPSS
6.8 Medium
CVSS2