Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2015-6820HistorySep 06, 2015 - 2:59 a.m.
CVE-2015-6820
2015-09-0602:59:02
Debian Security Bug Tracker
security-tracker.debian.org
7
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.005 Low
EPSS
Percentile
77.4%
The ff_sbr_apply function in libavcodec/aacsbr.c in FFmpeg before 2.7.2 does not check for a matching AAC frame syntax element before proceeding with Spectral Band Replication calculations, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted AAC data.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | ffmpeg | < 7:2.7.2-1 | ffmpeg_7:2.7.2-1_all.deb |
| Debian | 11 | all | ffmpeg | < 7:2.7.2-1 | ffmpeg_7:2.7.2-1_all.deb |
| Debian | 10 | all | ffmpeg | < 7:2.7.2-1 | ffmpeg_7:2.7.2-1_all.deb |
| Debian | 999 | all | ffmpeg | < 7:2.7.2-1 | ffmpeg_7:2.7.2-1_all.deb |
| Debian | 13 | all | ffmpeg | < 7:2.7.2-1 | ffmpeg_7:2.7.2-1_all.deb |
Related
prion
prion
Out-of-bounds
2015-09-06 02:59:00
veracode
veracode
Denial Of Service (DoS)
2017-02-08 05:35:33
nvd
nvd
CVE-2015-6820
2015-09-06 02:59:02
cve
cve
CVE-2015-6820
2015-09-06 02:59:02
cvelist
cvelist
CVE-2015-6820
2015-09-06 01:00:00
ubuntucve
ubuntucve
CVE-2015-6820
2015-09-05 00:00:00
freebsd
freebsd
ffmpeg -- multiple vulnerabilities
2015-09-05 00:00:00
nessus
nessus
FreeBSD : ffmpeg -- multiple vulnerabilities (3d950687-b4c9-4a86-8478-c56743547af8)
2015-09-21 00:00:00
Ubuntu 12.04 LTS : libav vulnerabilities (USN-2944-1)
2016-04-05 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-2944-1)
2016-04-05 00:00:00
Mageia: Security Advisory (MGASA-2016-0018)
2016-01-15 00:00:00
Debian: Security Advisory (DLA-1611-2)
2018-12-20 00:00:00
ubuntu
ubuntu
Libav vulnerabilities
2016-04-04 00:00:00
osv
osv
libav - security update
2018-12-19 00:00:00
mageia
mageia
Updated ffmpeg packages fix security vulnerabilities
2016-01-15 04:52:38
debian
debian
[SECURITY] [DLA 1611-1] libav security update
2018-12-20 21:51:33
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.005 Low
EPSS
Percentile
77.4%
Related for DEBIANCVE:CVE-2015-6820