Lucene search
RootSSV:61750HistoryMar 12, 2014 - 12:00 a.m.
FFmpeg及Libav 'tak_decode_frame()' 函数越界拒绝服务漏洞
2014-03-1200:00:00
Root
www.seebug.org
12
0.003 Low
EPSS
Percentile
69.3%
BUGTRAQ ID: 66055
CVE(CAN) ID: CVE-2014-2097
FFmpeg是一个免费的可以执行音讯和视讯多种格式的录影、转档、串流功能的软件。
FFmpeg及Libav 2.1.4之前版本libavcodec/takdec.c内的tak_decode_frame函数没有正确验证某个bits-per-sample值,这可使远程攻击者通过特制的TAK数据,利用此漏洞造成拒绝服务(越界数组访问)。
0
FFmpeg FFmpeg < 2.1.4
厂商补丁:
FFmpeg
目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:
Related
nvd
nvd
CVE-2014-2097
2014-03-02 04:57:25
prion
prion
Out-of-bounds
2014-03-02 04:57:00
ubuntucve
ubuntucve
CVE-2014-2097
2014-03-02 00:00:00
cvelist
cvelist
CVE-2014-2097
2014-03-02 02:00:00
debiancve
debiancve
CVE-2014-2097
2014-03-02 04:57:25
cve
cve
CVE-2014-2097
2014-03-02 04:57:25
openvas
openvas
Mageia: Security Advisory (MGASA-2014-0280)
2022-01-28 00:00:00
Mageia: Security Advisory (MGASA-2014-0281)
2022-01-28 00:00:00
Gentoo Security Advisory GLSA 201603-06
2016-03-14 00:00:00
mageia
mageia
Updated ffmpeg packages fix security vulnerabilities
2014-07-04 22:14:30
Updated ffmpeg packages fix security vulnerabilities
2014-07-04 22:22:12
nessus
nessus
Mandriva Linux Security Advisory : ffmpeg (MDVSA-2015:173)
2015-03-31 00:00:00
GLSA-201603-06 : FFmpeg: Multiple vulnerabilities
2016-03-14 00:00:00
gentoo
gentoo
FFmpeg: Multiple vulnerabilities
2016-03-12 00:00:00