Lucene search

ChromeCVE-2013-0859

HistoryDec 07, 2013 - 9:55 p.m.

CVE-2013-0859

2013-12-0721:55:10

CWE-189

Chrome

web.nvd.nist.gov

ffmpeg

tiff

libavcodec

cve-2013-0859

security

vulnerability

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

Confidence

Low

EPSS

0.003

Percentile

69.3%

JSON

The add_doubles_metadata function in libavcodec/tiff.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via a negative or zero count value in a TIFF image, which triggers an out-of-bounds array access.

Affected configurations

Nvd

Node

ffmpegffmpegRange≤1.0

ffmpegffmpegMatch0.3

ffmpegffmpegMatch0.3.1

ffmpegffmpegMatch0.3.2

ffmpegffmpegMatch0.3.3

ffmpegffmpegMatch0.3.4

ffmpegffmpegMatch0.4.0

ffmpegffmpegMatch0.4.2

ffmpegffmpegMatch0.4.3

ffmpegffmpegMatch0.4.4

ffmpegffmpegMatch0.4.5

ffmpegffmpegMatch0.4.6

ffmpegffmpegMatch0.4.7

ffmpegffmpegMatch0.4.8

ffmpegffmpegMatch0.4.9pre1

ffmpegffmpegMatch0.5

ffmpegffmpegMatch0.5.1

ffmpegffmpegMatch0.5.2

ffmpegffmpegMatch0.5.3

ffmpegffmpegMatch0.5.4

ffmpegffmpegMatch0.5.4.5

ffmpegffmpegMatch0.5.4.6

ffmpegffmpegMatch0.6

ffmpegffmpegMatch0.6.1

ffmpegffmpegMatch0.6.2

ffmpegffmpegMatch0.6.3

ffmpegffmpegMatch0.7

ffmpegffmpegMatch0.7.1

ffmpegffmpegMatch0.7.2

ffmpegffmpegMatch0.7.3

ffmpegffmpegMatch0.7.4

ffmpegffmpegMatch0.7.5

ffmpegffmpegMatch0.7.6

ffmpegffmpegMatch0.7.7

ffmpegffmpegMatch0.7.8

ffmpegffmpegMatch0.7.9

ffmpegffmpegMatch0.7.11

ffmpegffmpegMatch0.7.12

ffmpegffmpegMatch0.8.0

ffmpegffmpegMatch0.8.1

ffmpegffmpegMatch0.8.2

ffmpegffmpegMatch0.8.5

ffmpegffmpegMatch0.8.5.3

ffmpegffmpegMatch0.8.5.4

ffmpegffmpegMatch0.8.6

ffmpegffmpegMatch0.8.7

ffmpegffmpegMatch0.8.8

ffmpegffmpegMatch0.8.10

ffmpegffmpegMatch0.8.11

ffmpegffmpegMatch0.9

ffmpegffmpegMatch0.9.1

ffmpegffmpegMatch0.10

ffmpegffmpegMatch0.10.3

ffmpegffmpegMatch0.10.4

ffmpegffmpegMatch0.11

VendorProductVersionCPE
ffmpegffmpeg*cpe:2.3:a:ffmpeg:ffmpeg:*:*:*:*:*:*:*:*
ffmpegffmpeg0.3cpe:2.3:a:ffmpeg:ffmpeg:0.3:*:*:*:*:*:*:*
ffmpegffmpeg0.3.1cpe:2.3:a:ffmpeg:ffmpeg:0.3.1:*:*:*:*:*:*:*
ffmpegffmpeg0.3.2cpe:2.3:a:ffmpeg:ffmpeg:0.3.2:*:*:*:*:*:*:*
ffmpegffmpeg0.3.3cpe:2.3:a:ffmpeg:ffmpeg:0.3.3:*:*:*:*:*:*:*
ffmpegffmpeg0.3.4cpe:2.3:a:ffmpeg:ffmpeg:0.3.4:*:*:*:*:*:*:*
ffmpegffmpeg0.4.0cpe:2.3:a:ffmpeg:ffmpeg:0.4.0:*:*:*:*:*:*:*
ffmpegffmpeg0.4.2cpe:2.3:a:ffmpeg:ffmpeg:0.4.2:*:*:*:*:*:*:*
ffmpegffmpeg0.4.3cpe:2.3:a:ffmpeg:ffmpeg:0.4.3:*:*:*:*:*:*:*
ffmpegffmpeg0.4.4cpe:2.3:a:ffmpeg:ffmpeg:0.4.4:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ffmpeg	ffmpeg	*	cpe:2.3:a:ffmpeg:ffmpeg::::::::
ffmpeg	ffmpeg	0.3	cpe:2.3:a:ffmpeg:ffmpeg:0.3:::::::*
ffmpeg	ffmpeg	0.3.1	cpe:2.3:a:ffmpeg:ffmpeg:0.3.1:::::::*
ffmpeg	ffmpeg	0.3.2	cpe:2.3:a:ffmpeg:ffmpeg:0.3.2:::::::*
ffmpeg	ffmpeg	0.3.3	cpe:2.3:a:ffmpeg:ffmpeg:0.3.3:::::::*
ffmpeg	ffmpeg	0.3.4	cpe:2.3:a:ffmpeg:ffmpeg:0.3.4:::::::*
ffmpeg	ffmpeg	0.4.0	cpe:2.3:a:ffmpeg:ffmpeg:0.4.0:::::::*
ffmpeg	ffmpeg	0.4.2	cpe:2.3:a:ffmpeg:ffmpeg:0.4.2:::::::*
ffmpeg	ffmpeg	0.4.3	cpe:2.3:a:ffmpeg:ffmpeg:0.4.3:::::::*
ffmpeg	ffmpeg	0.4.4	cpe:2.3:a:ffmpeg:ffmpeg:0.4.4:::::::*

Rows per page:

1-10 of 551

References

git.videolan.org/?p=ffmpeg.git%3Ba=commitdiff%3Bh=6d1c5ea04af3e345232aa70c944de961061dab2d

www.ffmpeg.org/security.html

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

Confidence

Low

EPSS

0.003

Percentile

69.3%

JSON

Related for CVE-2013-0859