Lucene search

[email protected]CVE-2013-7016

HistoryDec 09, 2013 - 4:36 p.m.

CVE-2013-7016

2013-12-0916:36:49

CWE-119

[email protected]

web.nvd.nist.gov

cve-2013-7016

ffmpeg

denial of service

out-of-bounds array access

jpeg2000

remote attackers

nvd

security vulnerability

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.5 High

AI Score

Confidence

High

0.009 Low

EPSS

Percentile

82.7%

JSON

The get_siz function in libavcodec/jpeg2000dec.c in FFmpeg before 2.1 does not ensure the expected sample separation, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted JPEG2000 data.

Affected configurations

NVD

Node

ffmpegffmpegRange≤2.0.1

ffmpegffmpegMatch0.3

ffmpegffmpegMatch0.3.1

ffmpegffmpegMatch0.3.2

ffmpegffmpegMatch0.3.3

ffmpegffmpegMatch0.3.4

ffmpegffmpegMatch0.4.0

ffmpegffmpegMatch0.4.2

ffmpegffmpegMatch0.4.3

ffmpegffmpegMatch0.4.4

ffmpegffmpegMatch0.4.5

ffmpegffmpegMatch0.4.6

ffmpegffmpegMatch0.4.7

ffmpegffmpegMatch0.4.8

ffmpegffmpegMatch0.4.9pre1

ffmpegffmpegMatch0.5

ffmpegffmpegMatch0.5.1

ffmpegffmpegMatch0.5.2

ffmpegffmpegMatch0.5.3

ffmpegffmpegMatch0.5.4

ffmpegffmpegMatch0.5.4.5

ffmpegffmpegMatch0.5.4.6

ffmpegffmpegMatch0.5.5

ffmpegffmpegMatch0.6

ffmpegffmpegMatch0.6.1

ffmpegffmpegMatch0.6.2

ffmpegffmpegMatch0.6.3

ffmpegffmpegMatch0.7

ffmpegffmpegMatch0.7.1

ffmpegffmpegMatch0.7.2

ffmpegffmpegMatch0.7.3

ffmpegffmpegMatch0.7.4

ffmpegffmpegMatch0.7.5

ffmpegffmpegMatch0.7.6

ffmpegffmpegMatch0.7.7

ffmpegffmpegMatch0.7.8

ffmpegffmpegMatch0.7.9

ffmpegffmpegMatch0.7.11

ffmpegffmpegMatch0.7.12

ffmpegffmpegMatch0.8.0

ffmpegffmpegMatch0.8.1

ffmpegffmpegMatch0.8.2

ffmpegffmpegMatch0.8.5

ffmpegffmpegMatch0.8.5.3

ffmpegffmpegMatch0.8.5.4

ffmpegffmpegMatch0.8.6

ffmpegffmpegMatch0.8.7

ffmpegffmpegMatch0.8.8

ffmpegffmpegMatch0.8.10

ffmpegffmpegMatch0.8.11

ffmpegffmpegMatch0.9

ffmpegffmpegMatch0.9.1

ffmpegffmpegMatch0.10

ffmpegffmpegMatch0.10.3

ffmpegffmpegMatch0.10.4

ffmpegffmpegMatch0.11

ffmpegffmpegMatch1.0

ffmpegffmpegMatch1.1.1

ffmpegffmpegMatch1.1.2

ffmpegffmpegMatch1.1.3

ffmpegffmpegMatch1.1.4

ffmpegffmpegMatch1.2

ffmpegffmpegMatch1.2.1

ffmpegffmpegMatch2.0

CPENameOperatorVersion
ffmpeg:ffmpegffmpegle2.0.1
ffmpeg:ffmpegffmpegeq0.3
ffmpeg:ffmpegffmpegeq0.3.1
ffmpeg:ffmpegffmpegeq0.3.2
ffmpeg:ffmpegffmpegeq0.3.3
ffmpeg:ffmpegffmpegeq0.3.4
ffmpeg:ffmpegffmpegeq0.4.0
ffmpeg:ffmpegffmpegeq0.4.2
ffmpeg:ffmpegffmpegeq0.4.3
ffmpeg:ffmpegffmpegeq0.4.4

CPE	Name	Operator	Version
ffmpeg:ffmpeg	ffmpeg	le	2.0.1
ffmpeg:ffmpeg	ffmpeg	eq	0.3
ffmpeg:ffmpeg	ffmpeg	eq	0.3.1
ffmpeg:ffmpeg	ffmpeg	eq	0.3.2
ffmpeg:ffmpeg	ffmpeg	eq	0.3.3
ffmpeg:ffmpeg	ffmpeg	eq	0.3.4
ffmpeg:ffmpeg	ffmpeg	eq	0.4.0
ffmpeg:ffmpeg	ffmpeg	eq	0.4.2
ffmpeg:ffmpeg	ffmpeg	eq	0.4.3
ffmpeg:ffmpeg	ffmpeg	eq	0.4.4