CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
90.2%
It was discovered that Libav incorrectly handled certain malformed media
files. If a user were tricked into opening a crafted media file, an
attacker could cause a denial of service via application crash, or possibly
execute arbitrary code with the privileges of the user invoking the
program.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 12.04 | noarch | libavformat53 | <Β 4:0.8.17-0ubuntu0.12.04.2 | UNKNOWN |
Ubuntu | 12.04 | noarch | ffmpeg-dbg | <Β 4:0.8.17-0ubuntu0.12.04.2 | UNKNOWN |
Ubuntu | 12.04 | noarch | libav-dbg | <Β 4:0.8.17-0ubuntu0.12.04.2 | UNKNOWN |
Ubuntu | 12.04 | noarch | libav-tools | <Β 4:0.8.17-0ubuntu0.12.04.2 | UNKNOWN |
Ubuntu | 12.04 | noarch | libav-tools-dbgsym | <Β 4:0.8.17-0ubuntu0.12.04.2 | UNKNOWN |
Ubuntu | 12.04 | noarch | libavcodec-dev | <Β 4:0.8.17-0ubuntu0.12.04.2 | UNKNOWN |
Ubuntu | 12.04 | noarch | libavcodec53 | <Β 4:0.8.17-0ubuntu0.12.04.2 | UNKNOWN |
Ubuntu | 12.04 | noarch | libavcodec53-dbgsym | <Β 4:0.8.17-0ubuntu0.12.04.2 | UNKNOWN |
Ubuntu | 12.04 | noarch | libavdevice-dev | <Β 4:0.8.17-0ubuntu0.12.04.2 | UNKNOWN |
Ubuntu | 12.04 | noarch | libavdevice53 | <Β 4:0.8.17-0ubuntu0.12.04.2 | UNKNOWN |
ubuntu.com/security/CVE-2014-8541
ubuntu.com/security/CVE-2015-1872
ubuntu.com/security/CVE-2015-3395
ubuntu.com/security/CVE-2015-5479
ubuntu.com/security/CVE-2015-6818
ubuntu.com/security/CVE-2015-6820
ubuntu.com/security/CVE-2015-6824
ubuntu.com/security/CVE-2015-6826
ubuntu.com/security/CVE-2015-8364
ubuntu.com/security/CVE-2015-8365
ubuntu.com/security/CVE-2016-1897
ubuntu.com/security/CVE-2016-1898
ubuntu.com/security/CVE-2016-2326
ubuntu.com/security/CVE-2016-2330
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
90.2%