Lucene search
MitreCVE-2014-8545HistoryNov 05, 2014 - 11:55 a.m.
CVE-2014-8545
2014-11-0511:55:08
CWE-189
mitre
web.nvd.nist.gov
31
cve-2014-8545
ffmpeg
libavcodec
pngdec.c
denial of service
vulnerability
out-of-bounds access
nvd
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8.9
Confidence
High
EPSS
0.004
Percentile
75.2%
libavcodec/pngdec.c in FFmpeg before 2.4.2 accepts the monochrome-black format without verifying that the bits-per-pixel value is 1, which allows remote attackers to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via crafted PNG data.
Affected configurations
Node
ffmpegffmpegRange≤2.4.1
ORffmpegffmpegMatch0.3
ORffmpegffmpegMatch0.3.1
ORffmpegffmpegMatch0.3.2
ORffmpegffmpegMatch0.3.3
ORffmpegffmpegMatch0.3.4
ORffmpegffmpegMatch0.4.0
ORffmpegffmpegMatch0.4.2
ORffmpegffmpegMatch0.4.3
ORffmpegffmpegMatch0.4.4
ORffmpegffmpegMatch0.4.5
ORffmpegffmpegMatch0.4.6
ORffmpegffmpegMatch0.4.7
ORffmpegffmpegMatch0.4.8
ORffmpegffmpegMatch0.4.9pre1
ORffmpegffmpegMatch0.5
ORffmpegffmpegMatch0.5.1
ORffmpegffmpegMatch0.5.2
ORffmpegffmpegMatch0.5.3
ORffmpegffmpegMatch0.5.4
ORffmpegffmpegMatch0.5.4.5
ORffmpegffmpegMatch0.5.4.6
ORffmpegffmpegMatch0.5.5
ORffmpegffmpegMatch0.6
ORffmpegffmpegMatch0.6.1
ORffmpegffmpegMatch0.6.2
ORffmpegffmpegMatch0.6.3
ORffmpegffmpegMatch0.7
ORffmpegffmpegMatch0.7.1
ORffmpegffmpegMatch0.7.2
ORffmpegffmpegMatch0.7.3
ORffmpegffmpegMatch0.7.4
ORffmpegffmpegMatch0.7.5
ORffmpegffmpegMatch0.7.6
ORffmpegffmpegMatch0.7.7
ORffmpegffmpegMatch0.7.8
ORffmpegffmpegMatch0.7.9
ORffmpegffmpegMatch0.7.11
ORffmpegffmpegMatch0.7.12
ORffmpegffmpegMatch0.8.0
ORffmpegffmpegMatch0.8.1
ORffmpegffmpegMatch0.8.2
ORffmpegffmpegMatch0.8.5
ORffmpegffmpegMatch0.8.5.3
ORffmpegffmpegMatch0.8.5.4
ORffmpegffmpegMatch0.8.6
ORffmpegffmpegMatch0.8.7
ORffmpegffmpegMatch0.8.8
ORffmpegffmpegMatch0.8.10
ORffmpegffmpegMatch0.8.11
ORffmpegffmpegMatch0.9
ORffmpegffmpegMatch0.9.1
ORffmpegffmpegMatch0.10
ORffmpegffmpegMatch0.10.3
ORffmpegffmpegMatch0.10.4
ORffmpegffmpegMatch0.11
ORffmpegffmpegMatch0.11.1
ORffmpegffmpegMatch0.11.2
ORffmpegffmpegMatch0.11.3
ORffmpegffmpegMatch0.11.4
ORffmpegffmpegMatch1.0
ORffmpegffmpegMatch1.0.1
ORffmpegffmpegMatch1.0.2
ORffmpegffmpegMatch1.0.3
ORffmpegffmpegMatch1.0.4
ORffmpegffmpegMatch1.1
ORffmpegffmpegMatch1.1.1
ORffmpegffmpegMatch1.1.2
ORffmpegffmpegMatch1.1.3
ORffmpegffmpegMatch1.1.4
ORffmpegffmpegMatch1.1.5
ORffmpegffmpegMatch1.1.6
ORffmpegffmpegMatch1.1.7
ORffmpegffmpegMatch1.1.8
ORffmpegffmpegMatch1.1.9
ORffmpegffmpegMatch1.1.10
ORffmpegffmpegMatch1.1.11
ORffmpegffmpegMatch1.1.12
ORffmpegffmpegMatch1.1.13
ORffmpegffmpegMatch1.2
ORffmpegffmpegMatch1.2.1
ORffmpegffmpegMatch1.2.3
ORffmpegffmpegMatch1.2.4
ORffmpegffmpegMatch1.2.5
ORffmpegffmpegMatch1.2.6
ORffmpegffmpegMatch1.2.7
ORffmpegffmpegMatch2.0
ORffmpegffmpegMatch2.0.1
ORffmpegffmpegMatch2.0.2
ORffmpegffmpegMatch2.0.3
ORffmpegffmpegMatch2.0.4
ORffmpegffmpegMatch2.0.5
ORffmpegffmpegMatch2.1
ORffmpegffmpegMatch2.1.1
ORffmpegffmpegMatch2.1.2
ORffmpegffmpegMatch2.1.3
ORffmpegffmpegMatch2.1.4
ORffmpegffmpegMatch2.1.5
ORffmpegffmpegMatch2.2
ORffmpegffmpegMatch2.2.4
ORffmpegffmpegMatch2.3
ORffmpegffmpegMatch2.3.2
ORffmpegffmpegMatch2.3.3
ORffmpegffmpegMatch2.3.4
ORffmpegffmpegMatch2.4
| Vendor | Product | Version | CPE |
|---|---|---|---|
| ffmpeg | ffmpeg | * | cpe:2.3:a:ffmpeg:ffmpeg:*:*:*:*:*:*:*:* |
| ffmpeg | ffmpeg | 0.3 | cpe:2.3:a:ffmpeg:ffmpeg:0.3:*:*:*:*:*:*:* |
| ffmpeg | ffmpeg | 0.3.1 | cpe:2.3:a:ffmpeg:ffmpeg:0.3.1:*:*:*:*:*:*:* |
| ffmpeg | ffmpeg | 0.3.2 | cpe:2.3:a:ffmpeg:ffmpeg:0.3.2:*:*:*:*:*:*:* |
| ffmpeg | ffmpeg | 0.3.3 | cpe:2.3:a:ffmpeg:ffmpeg:0.3.3:*:*:*:*:*:*:* |
| ffmpeg | ffmpeg | 0.3.4 | cpe:2.3:a:ffmpeg:ffmpeg:0.3.4:*:*:*:*:*:*:* |
| ffmpeg | ffmpeg | 0.4.0 | cpe:2.3:a:ffmpeg:ffmpeg:0.4.0:*:*:*:*:*:*:* |
| ffmpeg | ffmpeg | 0.4.2 | cpe:2.3:a:ffmpeg:ffmpeg:0.4.2:*:*:*:*:*:*:* |
| ffmpeg | ffmpeg | 0.4.3 | cpe:2.3:a:ffmpeg:ffmpeg:0.4.3:*:*:*:*:*:*:* |
| ffmpeg | ffmpeg | 0.4.4 | cpe:2.3:a:ffmpeg:ffmpeg:0.4.4:*:*:*:*:*:*:* |
Related
debiancve
debiancve
CVE-2014-8545
2014-11-05 11:55:08
prion
prion
Out-of-bounds
2014-11-05 11:55:00
nvd
nvd
CVE-2014-8545
2014-11-05 11:55:08
veracode
veracode
Denial Of Service (DoS)
2017-02-03 08:11:46
cvelist
cvelist
CVE-2014-8545
2014-11-05 11:00:00
ubuntucve
ubuntucve
CVE-2014-8545
2014-11-05 00:00:00
openvas
openvas
Mageia: Security Advisory (MGASA-2014-0491)
2022-01-28 00:00:00
Mageia: Security Advisory (MGASA-2014-0464)
2022-01-28 00:00:00
Gentoo Security Advisory GLSA 201603-06
2016-03-14 00:00:00
mageia
mageia
Updated ffmpeg packages fix security vulnerabilities
2014-11-21 15:44:16
Updated avidemux packages fix security vulnerabilities
2014-11-26 20:29:06
freebsd
freebsd
ffmpeg -- multiple vulnerabilities
2015-03-12 00:00:00
nessus
nessus
FreeBSD : ffmpeg -- multiple vulnerabilities (65b14d39-d01f-419c-b0b8-5df60b929973)
2015-06-02 00:00:00
Mandriva Linux Security Advisory : ffmpeg (MDVSA-2015:173)
2015-03-31 00:00:00
GLSA-201603-06 : FFmpeg: Multiple vulnerabilities
2016-03-14 00:00:00
gentoo
gentoo
FFmpeg: Multiple vulnerabilities
2016-03-12 00:00:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8.9
Confidence
High
EPSS
0.004
Percentile
75.2%
Related for CVE-2014-8545