Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2013-2276HistoryFeb 27, 2013 - 4:55 p.m.
CVE-2013-2276
2013-02-2716:55:02
Debian Security Bug Tracker
security-tracker.debian.org
10
ffmpeg
avcodec
vulnerability
denial of service
array access
application crash
audio data
unix
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
0.003
Percentile
65.7%
The avcodec_decode_audio4 function in utils.c in libavcodec in FFmpeg before 1.1.3 does not verify the decoding state before proceeding with certain skip operations, which allows remote attackers to cause a denial of service (out-of-bounds array access and application crash) or possibly have unspecified other impact via crafted audio data.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | ffmpeg | < 7:5.1.6-0+deb12u1 | ffmpeg_7:5.1.6-0+deb12u1_all.deb |
| Debian | 11 | all | ffmpeg | < 7:4.3.7-0+deb11u1 | ffmpeg_7:4.3.7-0+deb11u1_all.deb |
| Debian | 999 | all | ffmpeg | < 7:7.0.2-3 | ffmpeg_7:7.0.2-3_all.deb |
| Debian | 13 | all | ffmpeg | < 7:7.0.2-3 | ffmpeg_7:7.0.2-3_all.deb |
Related
cvelist
cvelist
CVE-2013-2276
2013-02-27 16:00:00
nvd
nvd
CVE-2013-2276
2013-02-27 16:55:02
ubuntucve
ubuntucve
CVE-2013-2276
2013-02-27 00:00:00
prion
prion
Out-of-bounds
2013-02-27 16:55:00
cve
cve
CVE-2013-2276
2013-02-27 16:55:02
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
0.003
Percentile
65.7%
Related for DEBIANCVE:CVE-2013-2276