Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2015-6818HistorySep 06, 2015 - 2:59 a.m.
CVE-2015-6818
2015-09-0602:59:00
Debian Security Bug Tracker
security-tracker.debian.org
9
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.004 Low
EPSS
Percentile
72.8%
The decode_ihdr_chunk function in libavcodec/pngdec.c in FFmpeg before 2.7.2 does not enforce uniqueness of the IHDR (aka image header) chunk in a PNG image, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via a crafted image with two or more of these chunks.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | ffmpeg | < 7:2.7.2-1 | ffmpeg_7:2.7.2-1_all.deb |
| Debian | 11 | all | ffmpeg | < 7:2.7.2-1 | ffmpeg_7:2.7.2-1_all.deb |
| Debian | 10 | all | ffmpeg | < 7:2.7.2-1 | ffmpeg_7:2.7.2-1_all.deb |
| Debian | 999 | all | ffmpeg | < 7:2.7.2-1 | ffmpeg_7:2.7.2-1_all.deb |
| Debian | 13 | all | ffmpeg | < 7:2.7.2-1 | ffmpeg_7:2.7.2-1_all.deb |
Related
prion
prion
Out-of-bounds
2015-09-06 02:59:00
cve
cve
CVE-2015-6818
2015-09-06 02:59:00
veracode
veracode
Denial Of Service (DoS)
2017-02-09 02:06:02
ubuntucve
ubuntucve
CVE-2015-6818
2015-09-05 00:00:00
nessus
nessus
FreeBSD : ffmpeg -- multiple vulnerabilities (3d950687-b4c9-4a86-8478-c56743547af8)
2015-09-21 00:00:00
Ubuntu 12.04 LTS : libav vulnerabilities (USN-2944-1)
2016-04-05 00:00:00
freebsd
freebsd
ffmpeg -- multiple vulnerabilities
2015-09-05 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-2944-1)
2016-04-05 00:00:00
Mageia: Security Advisory (MGASA-2016-0018)
2016-01-15 00:00:00
Debian: Security Advisory (DLA-1611)
2023-03-08 00:00:00
ubuntu
ubuntu
Libav vulnerabilities
2016-04-04 00:00:00
osv
osv
libav - security update
2018-12-19 00:00:00
mageia
mageia
Updated ffmpeg packages fix security vulnerabilities
2016-01-15 04:52:38
debian
debian
[SECURITY] [DLA 1611-1] libav security update
2018-12-20 21:51:33
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.004 Low
EPSS
Percentile
72.8%
Related for DEBIANCVE:CVE-2015-6818