CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
Confidence
High
EPSS
Percentile
90.0%
The avpriv_dv_produce_packet function in libavcodec in FFmpeg 0.7.x before 0.7.12 and 0.8.x before 0.8.11 and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.5, and 0.8.x before 0.8.1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) and possibly execute arbitrary code via a crafted DV file.
Vendor | Product | Version | CPE |
---|---|---|---|
ffmpeg | ffmpeg | 0.7.1 | cpe:2.3:a:ffmpeg:ffmpeg:0.7.1:*:*:*:*:*:*:* |
ffmpeg | ffmpeg | 0.7.2 | cpe:2.3:a:ffmpeg:ffmpeg:0.7.2:*:*:*:*:*:*:* |
ffmpeg | ffmpeg | 0.7.6 | cpe:2.3:a:ffmpeg:ffmpeg:0.7.6:*:*:*:*:*:*:* |
ffmpeg | ffmpeg | 0.7.7 | cpe:2.3:a:ffmpeg:ffmpeg:0.7.7:*:*:*:*:*:*:* |
ffmpeg | ffmpeg | 0.7.8 | cpe:2.3:a:ffmpeg:ffmpeg:0.7.8:*:*:*:*:*:*:* |
ffmpeg | ffmpeg | 0.7.9 | cpe:2.3:a:ffmpeg:ffmpeg:0.7.9:*:*:*:*:*:*:* |
ffmpeg | ffmpeg | 0.7.11 | cpe:2.3:a:ffmpeg:ffmpeg:0.7.11:*:*:*:*:*:*:* |
ffmpeg | ffmpeg | 0.8.5 | cpe:2.3:a:ffmpeg:ffmpeg:0.8.5:*:*:*:*:*:*:* |
ffmpeg | ffmpeg | 0.8.6 | cpe:2.3:a:ffmpeg:ffmpeg:0.8.6:*:*:*:*:*:*:* |
ffmpeg | ffmpeg | 0.8.7 | cpe:2.3:a:ffmpeg:ffmpeg:0.8.7:*:*:*:*:*:*:* |