Описание
FFmpeg before commit 2b46ebdbff1d8dec7a3d8ea280a612b91a582869 contains a Buffer Overflow vulnerability in asf_o format demuxer that can result in heap-buffer-overflow that may result in remote code execution. This attack appears to be exploitable via specially crafted ASF file that has to be provided as input to FFmpeg. This vulnerability appears to have been fixed in 2b46ebdbff1d8dec7a3d8ea280a612b91a582869 and later.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | |
| cosmic | ignored | |
| devel | ignored | |
| disco | ignored | |
| eoan | ignored | |
| esm-apps/noble | ignored | |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was ignored [no longer updated]] |
| esm-infra/focal | DNE | focal was ignored |
| focal | ignored | |
| groovy | ignored |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | not-affected | 7:3.4.4-0ubuntu0.18.04.1 |
| cosmic | ignored | end of life |
| devel | not-affected | 7:4.1-1 |
| disco | not-affected | 7:4.1-1 |
| eoan | not-affected | 7:4.1-1 |
| esm-apps/bionic | not-affected | 7:3.4.4-0ubuntu0.18.04.1 |
| esm-apps/focal | not-affected | 7:4.1-1 |
| esm-apps/jammy | not-affected | 7:4.1-1 |
| esm-apps/noble | not-affected | 7:4.1-1 |
| esm-apps/xenial | not-affected | code not present |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support, was needs-triage |
| cosmic | ignored | end of life |
| devel | needs-triage | |
| disco | ignored | end of life |
| eoan | ignored | end of life |
| esm-apps/bionic | needs-triage | |
| esm-apps/focal | needs-triage | |
| esm-apps/jammy | needs-triage | |
| esm-apps/noble | needs-triage | |
| esm-apps/xenial | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | DNE | |
| cosmic | DNE | |
| devel | DNE | |
| disco | DNE | |
| eoan | DNE | |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was ignored [Ubuntu touch end-of-life]] |
| esm-infra/focal | DNE | |
| esm-infra/xenial | ignored | Ubuntu touch end-of-life |
| focal | DNE | |
| groovy | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support, was needs-triage |
| cosmic | ignored | end of life |
| devel | needs-triage | |
| disco | ignored | end of life |
| eoan | ignored | end of life |
| esm-apps/bionic | needs-triage | |
| esm-apps/focal | needs-triage | |
| esm-apps/jammy | needs-triage | |
| esm-apps/noble | needs-triage | |
| esm-infra-legacy/trusty | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | not-affected | code not present |
| cosmic | not-affected | code not present |
| devel | not-affected | code not present |
| disco | not-affected | code not present |
| eoan | not-affected | code not present |
| esm-apps/bionic | not-affected | code not present |
| esm-apps/focal | not-affected | code not present |
| esm-apps/jammy | not-affected | code not present |
| esm-apps/noble | not-affected | code not present |
| esm-apps/xenial | not-affected | code not present |
Показывать по
Ссылки на источники
EPSS
6.8 Medium
CVSS2
8.8 High
CVSS3
Связанные уязвимости
FFmpeg before commit 2b46ebdbff1d8dec7a3d8ea280a612b91a582869 contains a Buffer Overflow vulnerability in asf_o format demuxer that can result in heap-buffer-overflow that may result in remote code execution. This attack appears to be exploitable via specially crafted ASF file that has to be provided as input to FFmpeg. This vulnerability appears to have been fixed in 2b46ebdbff1d8dec7a3d8ea280a612b91a582869 and later.
FFmpeg before commit 2b46ebdbff1d8dec7a3d8ea280a612b91a582869 contains ...
FFmpeg before commit 2b46ebdbff1d8dec7a3d8ea280a612b91a582869 contains a Buffer Overflow vulnerability in asf_o format demuxer that can result in heap-buffer-overflow that may result in remote code execution. This attack appears to be exploitable via specially crafted ASF file that has to be provided as input to FFmpeg. This vulnerability appears to have been fixed in 2b46ebdbff1d8dec7a3d8ea280a612b91a582869 and later.
Уязвимость мультимедийной библиотеки FFmpeg, связанная с переполнением буфера динамической памяти, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код
EPSS
6.8 Medium
CVSS2
8.8 High
CVSS3