Lucene search

[email protected]NVD:CVE-2013-2495

HistoryMar 09, 2013 - 11:55 a.m.

CVE-2013-2495

2013-03-0911:55:01

CWE-189

[email protected]

web.nvd.nist.gov

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

7.3

Confidence

High

EPSS

0.004

Percentile

73.1%

JSON

The iff_read_header function in iff.c in libavformat in FFmpeg through 1.1.3 does not properly handle data sizes for Interchange File Format (IFF) data during operations involving a CMAP chunk or a video codec, which allows remote attackers to cause a denial of service (integer overflow, out-of-bounds array access, and application crash) or possibly have unspecified other impact via a crafted header.

Affected configurations

Nvd

Node

ffmpegffmpegRange≤1.1.3

ffmpegffmpegMatch0.3

ffmpegffmpegMatch0.3.1

ffmpegffmpegMatch0.3.2

ffmpegffmpegMatch0.3.3

ffmpegffmpegMatch0.3.4

ffmpegffmpegMatch0.4.0

ffmpegffmpegMatch0.4.2

ffmpegffmpegMatch0.4.3

ffmpegffmpegMatch0.4.4

ffmpegffmpegMatch0.4.5

ffmpegffmpegMatch0.4.6

ffmpegffmpegMatch0.4.7

ffmpegffmpegMatch0.4.8

ffmpegffmpegMatch0.4.9

ffmpegffmpegMatch0.4.9pre1

ffmpegffmpegMatch0.5

ffmpegffmpegMatch0.5.1

ffmpegffmpegMatch0.5.2

ffmpegffmpegMatch0.5.3

ffmpegffmpegMatch0.5.4

ffmpegffmpegMatch0.5.4.5

ffmpegffmpegMatch0.5.4.6

ffmpegffmpegMatch0.6

ffmpegffmpegMatch0.6.1

ffmpegffmpegMatch0.6.2

ffmpegffmpegMatch0.6.3

ffmpegffmpegMatch0.7

ffmpegffmpegMatch0.7.1

ffmpegffmpegMatch0.7.2

ffmpegffmpegMatch0.7.3

ffmpegffmpegMatch0.7.4

ffmpegffmpegMatch0.7.5

ffmpegffmpegMatch0.7.6

ffmpegffmpegMatch0.7.7

ffmpegffmpegMatch0.7.8

ffmpegffmpegMatch0.7.9

ffmpegffmpegMatch0.7.11

ffmpegffmpegMatch0.7.12

ffmpegffmpegMatch0.8.0

ffmpegffmpegMatch0.8.1

ffmpegffmpegMatch0.8.2

ffmpegffmpegMatch0.8.5

ffmpegffmpegMatch0.8.5.3

ffmpegffmpegMatch0.8.5.4

ffmpegffmpegMatch0.8.6

ffmpegffmpegMatch0.8.7

ffmpegffmpegMatch0.8.8

ffmpegffmpegMatch0.8.10

ffmpegffmpegMatch0.8.11

ffmpegffmpegMatch0.9

ffmpegffmpegMatch0.9.1

ffmpegffmpegMatch0.10

ffmpegffmpegMatch0.10.3

ffmpegffmpegMatch0.10.4

ffmpegffmpegMatch0.11

ffmpegffmpegMatch1.0

ffmpegffmpegMatch1.1.1

ffmpegffmpegMatch1.1.2

VendorProductVersionCPE
ffmpegffmpeg*cpe:2.3:a:ffmpeg:ffmpeg:*:*:*:*:*:*:*:*
ffmpegffmpeg0.3cpe:2.3:a:ffmpeg:ffmpeg:0.3:*:*:*:*:*:*:*
ffmpegffmpeg0.3.1cpe:2.3:a:ffmpeg:ffmpeg:0.3.1:*:*:*:*:*:*:*
ffmpegffmpeg0.3.2cpe:2.3:a:ffmpeg:ffmpeg:0.3.2:*:*:*:*:*:*:*
ffmpegffmpeg0.3.3cpe:2.3:a:ffmpeg:ffmpeg:0.3.3:*:*:*:*:*:*:*
ffmpegffmpeg0.3.4cpe:2.3:a:ffmpeg:ffmpeg:0.3.4:*:*:*:*:*:*:*
ffmpegffmpeg0.4.0cpe:2.3:a:ffmpeg:ffmpeg:0.4.0:*:*:*:*:*:*:*
ffmpegffmpeg0.4.2cpe:2.3:a:ffmpeg:ffmpeg:0.4.2:*:*:*:*:*:*:*
ffmpegffmpeg0.4.3cpe:2.3:a:ffmpeg:ffmpeg:0.4.3:*:*:*:*:*:*:*
ffmpegffmpeg0.4.4cpe:2.3:a:ffmpeg:ffmpeg:0.4.4:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ffmpeg	ffmpeg	*	cpe:2.3:a:ffmpeg:ffmpeg::::::::
ffmpeg	ffmpeg	0.3	cpe:2.3:a:ffmpeg:ffmpeg:0.3:::::::*
ffmpeg	ffmpeg	0.3.1	cpe:2.3:a:ffmpeg:ffmpeg:0.3.1:::::::*
ffmpeg	ffmpeg	0.3.2	cpe:2.3:a:ffmpeg:ffmpeg:0.3.2:::::::*
ffmpeg	ffmpeg	0.3.3	cpe:2.3:a:ffmpeg:ffmpeg:0.3.3:::::::*
ffmpeg	ffmpeg	0.3.4	cpe:2.3:a:ffmpeg:ffmpeg:0.3.4:::::::*
ffmpeg	ffmpeg	0.4.0	cpe:2.3:a:ffmpeg:ffmpeg:0.4.0:::::::*
ffmpeg	ffmpeg	0.4.2	cpe:2.3:a:ffmpeg:ffmpeg:0.4.2:::::::*
ffmpeg	ffmpeg	0.4.3	cpe:2.3:a:ffmpeg:ffmpeg:0.4.3:::::::*
ffmpeg	ffmpeg	0.4.4	cpe:2.3:a:ffmpeg:ffmpeg:0.4.4:::::::*