Lucene search

[email protected]CVE-2008-3230

HistoryJul 18, 2008 - 4:41 p.m.

CVE-2008-3230

2008-07-1816:41:00

CWE-20

[email protected]

web.nvd.nist.gov

cve-2008-3230

denial of service

ffmpeg

gif

gstreamer

6.3 Medium

AI Score

Confidence

High

1.9 Low

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:N/I:N/A:P

0.002 Low

EPSS

Percentile

57.2%

JSON

The ffmpeg lavf demuxer allows user-assisted attackers to cause a denial of service (application crash) via a crafted GIF file, possibly related to gstreamer, as demonstrated by lol-giftopnm.gif.

Affected configurations

NVD

Node

ffmpeglavf_demuxer

CPENameOperatorVersion
ffmpeg:lavf_demuxerffmpeg lavf demuxereq*

CPE	Name	Operator	Version
ffmpeg:lavf_demuxer	ffmpeg lavf demuxer	eq	*

References

bugzilla.gnome.org/show_bug.cgi?id=542643

secunia.com/advisories/31899

www.mandriva.com/security/advisories?name=MDVSA-2009:297

www.openwall.com/lists/oss-security/2008/07/13/3

www.securityfocus.com/bid/31234

exchange.xforce.ibmcloud.com/vulnerabilities/44210

roundup.mplayerhq.hu/roundup/ffmpeg/issue530

6.3 Medium

AI Score

Confidence

High

1.9 Low

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:N/I:N/A:P

0.002 Low

EPSS

Percentile

57.2%

JSON

Related for CVE-2008-3230

ubuntucve1 nvd1 prion1 debiancve1 cvelist1 openvas4 nessus1