Lucene search
MitreCVE-2014-9676HistoryFeb 28, 2015 - 1:59 a.m.
CVE-2014-9676
2015-02-2801:59:00
mitre
web.nvd.nist.gov
32
cve-2014-9676
libavformat
ffmpeg
denial of service
remote code execution
use after free
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
8.7
Confidence
High
EPSS
0.009
Percentile
82.4%
The seg_write_packet function in libavformat/segment.c in ffmpeg 2.1.4 and earlier does not free the correct memory location, which allows remote attackers to cause a denial of service (“invalid memory handler”) and possibly execute arbitrary code via a crafted video that triggers a use after free.
Affected configurations
Node
ffmpegffmpegRange≤2.1.4
Related
prion
prion
Double free
2015-02-28 01:59:00
nessus
nessus
Debian DLA-464-1 : libav security update
2016-05-12 00:00:00
GLSA-201606-09 : FFmpeg: Multiple vulnerabilities
2016-06-20 00:00:00
ubuntucve
ubuntucve
CVE-2014-9676
2015-02-28 00:00:00
debiancve
debiancve
CVE-2014-9676
2015-02-28 01:59:00
openvas
openvas
Debian: Security Advisory (DLA-464-1)
2023-03-08 00:00:00
nvd
nvd
CVE-2014-9676
2015-02-28 01:59:00
debian
debian
[SECURITY] [DLA 464-1] libav security update
2016-05-10 11:07:28
cvelist
cvelist
CVE-2014-9676
2015-02-28 01:00:00
osv
osv
libav - security update
2016-05-10 00:00:00
gentoo
gentoo
FFmpeg: Multiple vulnerabilities
2016-06-18 00:00:00
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
8.7
Confidence
High
EPSS
0.009
Percentile
82.4%
Related for CVE-2014-9676