Lucene search

K
debiancveDebian Security Bug TrackerDEBIANCVE:CVE-2021-28429
HistoryAug 11, 2023 - 2:15 p.m.

CVE-2021-28429

2023-08-1114:15:12
Debian Security Bug Tracker
security-tracker.debian.org
9
integer overflow
ffmpeg 4.3.2
denial of service
crafted .mov file
av_timecode_make_string
libavutil
timecode.c
vulnerability
unix

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

EPSS

0

Percentile

5.1%

Integer overflow vulnerability in av_timecode_make_string in libavutil/timecode.c in FFmpeg version 4.3.2, allows local attackers to cause a denial of service (DoS) via crafted .mov file.

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

EPSS

0

Percentile

5.1%