Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveMitreCVE-2015-6818
HistorySep 06, 2015 - 2:59 a.m.

CVE-2015-6818

2015-09-0602:59:00
CWE-17
mitre
web.nvd.nist.gov
50
cve
2015
6818
ffmpeg
denial of service
security vulnerability
nvd
array access
out-of-bounds
image header
png

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

8.7

Confidence

High

EPSS

0.004

Percentile

73.2%

JSON

The decode_ihdr_chunk function in libavcodec/pngdec.c in FFmpeg before 2.7.2 does not enforce uniqueness of the IHDR (aka image header) chunk in a PNG image, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via a crafted image with two or more of these chunks.

Affected configurations

Nvd
Node
ffmpegffmpegRange2.7.1
Node
canonicalubuntu_linuxMatch12.04lts
VendorProductVersionCPE
ffmpegffmpeg*cpe:2.3:a:ffmpeg:ffmpeg:*:*:*:*:*:*:*:*
canonicalubuntu_linux12.04cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*

Related

ubuntucve 1
veracode 1
prion 1
debiancve 1
cvelist 1
nvd 1
freebsd 1
nessus 2
ubuntu 1
openvas 4
mageia 1
osv 1
debian 1
ubuntucve
ubuntucve
CVE-2015-6818
2015-09-05 00:00:00
veracode
veracode
Denial Of Service (DoS)
2017-02-09 02:06:02
prion
prion
Out-of-bounds
2015-09-06 02:59:00
debiancve
debiancve
CVE-2015-6818
2015-09-06 02:59:00
cvelist
cvelist
CVE-2015-6818
2015-09-06 01:00:00
nvd
nvd
CVE-2015-6818
2015-09-06 02:59:00
freebsd
freebsd
ffmpeg -- multiple vulnerabilities
2015-09-05 00:00:00
nessus
nessus
FreeBSD : ffmpeg -- multiple vulnerabilities (3d950687-b4c9-4a86-8478-c56743547af8)
2015-09-21 00:00:00
Ubuntu 12.04 LTS : libav vulnerabilities (USN-2944-1)
2016-04-05 00:00:00
ubuntu
ubuntu
Libav vulnerabilities
2016-04-04 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-2944-1)
2016-04-05 00:00:00
Mageia: Security Advisory (MGASA-2016-0018)
2016-01-15 00:00:00
Debian: Security Advisory (DLA-1611)
2023-03-08 00:00:00
mageia
mageia
Updated ffmpeg packages fix security vulnerabilities
2016-01-15 04:52:38
osv
osv
libav - security update
2018-12-19 00:00:00
debian
debian
[SECURITY] [DLA 1611-1] libav security update
2018-12-20 21:51:33

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

8.7

Confidence

High

EPSS

0.004

Percentile

73.2%

JSON
Related for CVE-2015-6818
ubuntucve1veracode1prion1debiancve1cvelist1nvd1freebsd1nessus2ubuntu1openvas4mageia1osv1debian1