Lucene search
HistoryDec 07, 2013 - 9:55 p.m.
CVE-2013-0849
vulnerability
ffmpeg
roq_decode_init
libavcodec
cve-2013-0849
nvd
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
6.6 Medium
AI Score
Confidence
Low
0.004 Low
EPSS
Percentile
72.5%
The roq_decode_init function in libavcodec/roqvideodec.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via a crafted (1) width or (2) height dimension that is not a multiple of sixteen in id RoQ video data.
Affected configurations
Node
ffmpegffmpegRange≤1.0
ORffmpegffmpegMatch0.3
ORffmpegffmpegMatch0.3.1
ORffmpegffmpegMatch0.3.2
ORffmpegffmpegMatch0.3.3
ORffmpegffmpegMatch0.3.4
ORffmpegffmpegMatch0.4.0
ORffmpegffmpegMatch0.4.2
ORffmpegffmpegMatch0.4.3
ORffmpegffmpegMatch0.4.4
ORffmpegffmpegMatch0.4.5
ORffmpegffmpegMatch0.4.6
ORffmpegffmpegMatch0.4.7
ORffmpegffmpegMatch0.4.8
ORffmpegffmpegMatch0.4.9pre1
ORffmpegffmpegMatch0.5
ORffmpegffmpegMatch0.5.1
ORffmpegffmpegMatch0.5.2
ORffmpegffmpegMatch0.5.3
ORffmpegffmpegMatch0.5.4
ORffmpegffmpegMatch0.5.4.5
ORffmpegffmpegMatch0.5.4.6
ORffmpegffmpegMatch0.6
ORffmpegffmpegMatch0.6.1
ORffmpegffmpegMatch0.6.2
ORffmpegffmpegMatch0.6.3
ORffmpegffmpegMatch0.7
ORffmpegffmpegMatch0.7.1
ORffmpegffmpegMatch0.7.2
ORffmpegffmpegMatch0.7.3
ORffmpegffmpegMatch0.7.4
ORffmpegffmpegMatch0.7.5
ORffmpegffmpegMatch0.7.6
ORffmpegffmpegMatch0.7.7
ORffmpegffmpegMatch0.7.8
ORffmpegffmpegMatch0.7.9
ORffmpegffmpegMatch0.7.11
ORffmpegffmpegMatch0.7.12
ORffmpegffmpegMatch0.8.0
ORffmpegffmpegMatch0.8.1
ORffmpegffmpegMatch0.8.2
ORffmpegffmpegMatch0.8.5
ORffmpegffmpegMatch0.8.5.3
ORffmpegffmpegMatch0.8.5.4
ORffmpegffmpegMatch0.8.6
ORffmpegffmpegMatch0.8.7
ORffmpegffmpegMatch0.8.8
ORffmpegffmpegMatch0.8.10
ORffmpegffmpegMatch0.8.11
ORffmpegffmpegMatch0.9
ORffmpegffmpegMatch0.9.1
ORffmpegffmpegMatch0.10
ORffmpegffmpegMatch0.10.3
ORffmpegffmpegMatch0.10.4
ORffmpegffmpegMatch0.11
Related
prion
prion
Design/Logic Flaw
2013-12-07 21:55:00
ubuntucve
ubuntucve
CVE-2013-0849
2013-12-07 00:00:00
debiancve
debiancve
CVE-2013-0849
2013-12-07 21:55:09
nvd
nvd
CVE-2013-0849
2013-12-07 21:55:09
cvelist
cvelist
CVE-2013-0849
2013-12-07 21:00:00
openvas
openvas
Debian Security Advisory DSA 2855-1 (libav - several vulnerabilities)
2014-02-05 00:00:00
Debian: Security Advisory (DSA-2855-1)
2014-02-04 00:00:00
nessus
nessus
Debian DSA-2855-1 : libav - several vulnerabilities
2014-02-06 00:00:00
debian
debian
[SECURITY] [DSA 2855-1] libav security update
2014-02-05 17:58:48
securityvulns
securityvulns
libav / ffmpeg multiple security vulnerabilities
2014-02-10 00:00:00
[SECURITY] [DSA 2855-1] libav security update
2014-02-10 00:00:00
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
6.6 Medium
AI Score
Confidence
Low
0.004 Low
EPSS
Percentile
72.5%
Related for CVE-2013-0849