Lucene search

[email protected]CVE-2013-3671

HistoryOct 03, 2022 - 4:14 p.m.

CVE-2013-3671

2022-10-0316:14:46

CWE-189

[email protected]

web.nvd.nist.gov

cve-2013-3671

ffmpeg

denial of service

log.c

libavutil

invalid pointer dereference

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

8.9 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

64.5%

JSON

The format_line function in log.c in libavutil in FFmpeg before 1.2.1 uses inapplicable offset data during a certain category calculation, which allows remote attackers to cause a denial of service (invalid pointer dereference and application crash) via crafted data that triggers a log message.

Affected configurations

NVD

Node

ffmpegffmpegRange≤1.2

CPENameOperatorVersion
ffmpeg:ffmpegffmpegle1.2

CPE	Name	Operator	Version
ffmpeg:ffmpeg	ffmpeg	le	1.2

References

ffmpeg.org/security.html

git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=7edb984dd051b6919d7d8471c70499273f31b0fa

git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=cc0dd86580b3257f22a4981a79eb5fa6804182b6

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

8.9 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

64.5%

JSON

Related for CVE-2013-3671

debiancve1 ubuntucve1 cvelist1 prion1 nvd1 openvas2 mageia1 nessus1 gentoo1