Lucene search
HistoryNov 05, 2014 - 11:55 a.m.
CVE-2014-8543
cve-2014-8543
ffmpeg
denial of service
out-of-bounds access
remote attackers
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
8.9 High
AI Score
Confidence
High
0.004 Low
EPSS
Percentile
74.2%
libavcodec/mmvideo.c in FFmpeg before 2.4.2 does not consider all lines of HHV Intra blocks during validation of image height, which allows remote attackers to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via crafted MM video data.
Affected configurations
Node
canonicalubuntu_linuxMatch12.04lts
Node
ffmpegffmpegRange≤2.4.1
ORffmpegffmpegMatch0.3
ORffmpegffmpegMatch0.3.1
ORffmpegffmpegMatch0.3.2
ORffmpegffmpegMatch0.3.3
ORffmpegffmpegMatch0.3.4
ORffmpegffmpegMatch0.4.0
ORffmpegffmpegMatch0.4.2
ORffmpegffmpegMatch0.4.3
ORffmpegffmpegMatch0.4.4
ORffmpegffmpegMatch0.4.5
ORffmpegffmpegMatch0.4.6
ORffmpegffmpegMatch0.4.7
ORffmpegffmpegMatch0.4.8
ORffmpegffmpegMatch0.4.9pre1
ORffmpegffmpegMatch0.5
ORffmpegffmpegMatch0.5.1
ORffmpegffmpegMatch0.5.2
ORffmpegffmpegMatch0.5.3
ORffmpegffmpegMatch0.5.4
ORffmpegffmpegMatch0.5.4.5
ORffmpegffmpegMatch0.5.4.6
ORffmpegffmpegMatch0.5.5
ORffmpegffmpegMatch0.6
ORffmpegffmpegMatch0.6.1
ORffmpegffmpegMatch0.6.2
ORffmpegffmpegMatch0.6.3
ORffmpegffmpegMatch0.7
ORffmpegffmpegMatch0.7.1
ORffmpegffmpegMatch0.7.2
ORffmpegffmpegMatch0.7.3
ORffmpegffmpegMatch0.7.4
ORffmpegffmpegMatch0.7.5
ORffmpegffmpegMatch0.7.6
ORffmpegffmpegMatch0.7.7
ORffmpegffmpegMatch0.7.8
ORffmpegffmpegMatch0.7.9
ORffmpegffmpegMatch0.7.11
ORffmpegffmpegMatch0.7.12
ORffmpegffmpegMatch0.8.0
ORffmpegffmpegMatch0.8.1
ORffmpegffmpegMatch0.8.2
ORffmpegffmpegMatch0.8.5
ORffmpegffmpegMatch0.8.5.3
ORffmpegffmpegMatch0.8.5.4
ORffmpegffmpegMatch0.8.6
ORffmpegffmpegMatch0.8.7
ORffmpegffmpegMatch0.8.8
ORffmpegffmpegMatch0.8.10
ORffmpegffmpegMatch0.8.11
ORffmpegffmpegMatch0.9
ORffmpegffmpegMatch0.9.1
ORffmpegffmpegMatch0.10
ORffmpegffmpegMatch0.10.3
ORffmpegffmpegMatch0.10.4
ORffmpegffmpegMatch0.11
ORffmpegffmpegMatch0.11.1
ORffmpegffmpegMatch0.11.2
ORffmpegffmpegMatch0.11.3
ORffmpegffmpegMatch0.11.4
ORffmpegffmpegMatch1.0
ORffmpegffmpegMatch1.0.1
ORffmpegffmpegMatch1.0.2
ORffmpegffmpegMatch1.0.3
ORffmpegffmpegMatch1.0.4
ORffmpegffmpegMatch1.1
ORffmpegffmpegMatch1.1.1
ORffmpegffmpegMatch1.1.2
ORffmpegffmpegMatch1.1.3
ORffmpegffmpegMatch1.1.4
ORffmpegffmpegMatch1.1.5
ORffmpegffmpegMatch1.1.6
ORffmpegffmpegMatch1.1.7
ORffmpegffmpegMatch1.1.8
ORffmpegffmpegMatch1.1.9
ORffmpegffmpegMatch1.1.10
ORffmpegffmpegMatch1.1.11
ORffmpegffmpegMatch1.1.12
ORffmpegffmpegMatch1.1.13
ORffmpegffmpegMatch1.2
ORffmpegffmpegMatch1.2.1
ORffmpegffmpegMatch1.2.3
ORffmpegffmpegMatch1.2.4
ORffmpegffmpegMatch1.2.5
ORffmpegffmpegMatch1.2.6
ORffmpegffmpegMatch1.2.7
ORffmpegffmpegMatch2.0
ORffmpegffmpegMatch2.0.1
ORffmpegffmpegMatch2.0.2
ORffmpegffmpegMatch2.0.3
ORffmpegffmpegMatch2.0.4
ORffmpegffmpegMatch2.0.5
ORffmpegffmpegMatch2.1
ORffmpegffmpegMatch2.1.1
ORffmpegffmpegMatch2.1.2
ORffmpegffmpegMatch2.1.3
ORffmpegffmpegMatch2.1.4
ORffmpegffmpegMatch2.1.5
ORffmpegffmpegMatch2.2
ORffmpegffmpegMatch2.2.4
ORffmpegffmpegMatch2.3
ORffmpegffmpegMatch2.3.2
ORffmpegffmpegMatch2.3.3
ORffmpegffmpegMatch2.3.4
ORffmpegffmpegMatch2.4
| CPE | Name | Operator | Version |
|---|---|---|---|
| canonical:ubuntu_linux | canonical ubuntu linux | eq | 12.04 |
Related
debiancve
debiancve
CVE-2014-8543
2014-11-05 11:55:07
prion
prion
Out-of-bounds
2014-11-05 11:55:00
veracode
veracode
Denial Of Service (DoS)
2017-02-06 01:21:37
nvd
nvd
CVE-2014-8543
2014-11-05 11:55:07
ubuntucve
ubuntucve
CVE-2014-8543
2014-11-05 00:00:00
cvelist
cvelist
CVE-2014-8543
2014-11-05 11:00:00
ubuntu
ubuntu
Libav vulnerabilities
2015-03-17 00:00:00
openvas
openvas
Debian Security Advisory DSA 3189-1 (libav - security update)
2015-03-15 00:00:00
Ubuntu: Security Advisory (USN-2534-1)
2015-03-18 00:00:00
Debian: Security Advisory (DSA-3189-1)
2015-03-14 00:00:00
nessus
nessus
Debian DSA-3189-1 : libav - security update
2015-03-17 00:00:00
Ubuntu 12.04 LTS : libav vulnerabilities (USN-2534-1)
2015-03-18 00:00:00
securityvulns
securityvulns
libav / ffmpeg multiple security vulnerabilities
2015-03-18 00:00:00
[USN-2534-1] Libav vulnerabilities
2015-03-18 00:00:00
debian
debian
[SECURITY] [DSA 3189-1] libav security update
2015-03-15 19:49:38
mageia
mageia
Updated ffmpeg packages fix security vulnerabilities
2014-11-21 15:44:16
Updated avidemux packages fix security vulnerabilities
2014-11-26 20:29:06
freebsd
freebsd
ffmpeg -- multiple vulnerabilities
2015-03-12 00:00:00
gentoo
gentoo
FFmpeg: Multiple vulnerabilities
2016-03-12 00:00:00
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
8.9 High
AI Score
Confidence
High
0.004 Low
EPSS
Percentile
74.2%
Related for CVE-2014-8543