Lucene search

[email protected]CVE-2015-6822

HistorySep 06, 2015 - 2:59 a.m.

CVE-2015-6822

2015-09-0602:59:00

CWE-17

[email protected]

web.nvd.nist.gov

ffmpeg

cve-2015-6822

video context

dos

denial of service

9.3 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.004 Low

EPSS

Percentile

74.3%

JSON

The destroy_buffers function in libavcodec/sanm.c in FFmpeg before 2.7.2 does not properly maintain height and width values in the video context, which allows remote attackers to cause a denial of service (segmentation violation and application crash) or possibly have unspecified other impact via crafted LucasArts Smush video data.

CPENameOperatorVersion
ffmpeg:ffmpegffmpegle2.7.1

CPE	Name	Operator	Version
ffmpeg:ffmpeg	ffmpeg	le	2.7.1

References

ffmpeg.org/security.html

git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=39bbdebb1ed8eb9c9b0cd6db85afde6ba89d86e4

www.securitytracker.com/id/1033483

lists.debian.org/debian-lts-announce/2018/12/msg00009.html

lists.debian.org/debian-lts-announce/2018/12/msg00010.html

9.3 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.004 Low

EPSS

Percentile

74.3%

JSON

Related for CVE-2015-6822

debiancve1 cvelist1 prion1 ubuntucve1 veracode1 nessus2 debian2 osv2 freebsd1 openvas3 mageia1