Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2015-2021 Tenable Network Security, Inc.OPENSUSE-2015-821.NASL
HistoryNov 30, 2015 - 12:00 a.m.

openSUSE Security Update : ffmpeg (openSUSE-2015-821)

2015-11-3000:00:00
This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.
www.tenable.com
18

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.004 Low

EPSS

Percentile

73.6%

JSON

The ffmpeg package was updated to version 2.8.2 to fix the following security and non security issues :

  • CVE-2015-8216: Fixed the ljpeg_decode_yuv_scan function in libavcodec/mjpegdec.c which could cause a denial of service (out-of-bounds array access) (bnc#955346).

  • CVE-2015-8217: Fixed the ff_hevc_parse_sps function in libavcodec/hevc_ps.c which could cause a denial of service (out-of-bounds array access) (bnc#955347).

  • CVE-2015-8218: Fixed the decode_uncompressed function in libavcodec/faxcompr.c which could cause a denial of service (out-of-bounds array access) (bnc#955348).

  • CVE-2015-8219: Fixed the init_tile function in libavcodec/jpeg2000dec.c which could cause a denial of service (out-of-bounds array access) (bnc#955350).

  • Update to new upstream release 2.8.2

  • various fixes in the aac_fixed decoder

  • various fixes in softfloat

  • swresample/resample: increase precision for compensation

  • lavf/mov: add support for sidx fragment indexes

  • avformat/mxfenc: Only store user comment related tags when needed

  • ffmpeg: Don’t try and write sdp info if none of the outputs had an rtp format.

  • apng: use correct size for output buffer

  • jvdec: avoid unsigned overflow in comparison

  • avcodec/jpeg2000dec: Clip all tile coordinates

  • avcodec/microdvddec: Check for string end in ‘P’ case

  • avcodec/dirac_parser: Fix undefined memcpy() use

  • avformat/xmv: Discard remainder of packet on error

  • avformat/xmv: factor return check out of if/else

  • avcodec/mpeg12dec: Do not call show_bits() with invalid bits

  • avcodec/faxcompr: Add missing runs check in decode_uncompressed()

  • libavutil/channel_layout: Check strtol*() for failure

  • avformat/mpegts: Only start probing data streams within probe_packets

  • avcodec/hevc_ps: Check chroma_format_idc

  • avcodec/ffv1dec: Check for 0 quant tables

  • avcodec/mjpegdec: Reinitialize IDCT on BPP changes

  • avcodec/mjpegdec: Check index in ljpeg_decode_yuv_scan() before using it

  • avcodec/h264_slice: Disable slice threads if there are multiple access units in a packet

  • avformat/hls: update cookies on setcookie response

  • opusdec: Don’t run vector_fmul_scalar on zero length arrays

  • avcodec/opusdec: Fix extra samples read index

  • avcodec/ffv1: Initialize vlc_state on allocation

  • avcodec/ffv1dec: update progress in case of broken pointer chains

  • avcodec/ffv1dec: Clear slice coordinates if they are invalid or slice header decoding fails for other reasons

  • rtsp: Allow $ as interleaved packet indicator before a complete response header

  • videodsp: don’t overread edges in vfix3 emu_edge.

  • avformat/mp3dec: improve junk skipping heuristic

  • concatdec: fix file_start_time calculation regression

  • avcodec: loongson optimize h264dsp idct and loop filter with mmi

  • avcodec/jpeg2000dec: Clear properties in jpeg2000_dec_cleanup() too

  • avformat/hls: add support for EXT-X-MAP

  • avformat/hls: fix segment selection regression on track changes of live streams

  • configure: Require libkvazaar < 0.7.

  • avcodec/vp8: Do not use num_coeff_partitions in thread/buffer setup

  • Drop ffmpeg-mov-sidx-fragment.patch, fixed upstream.

  • Update to new upstream release 2.8.1

  • Minor bugfix release

  • Includes all changes from. Ffmpeg-mt, libav master of 2015-08-28, libav 11 as of 2015-08-28

  • Add ffmpeg-mov-sidx-fragment.patch to add sidx fragment indexes. Needed for new mpv release.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from openSUSE Security Update openSUSE-2015-821.
#
# The text description of this plugin is (C) SUSE LLC.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(87085);
  script_version("2.3");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/19");

  script_cve_id("CVE-2015-8216", "CVE-2015-8217", "CVE-2015-8218", "CVE-2015-8219");

  script_name(english:"openSUSE Security Update : ffmpeg (openSUSE-2015-821)");
  script_summary(english:"Check for the openSUSE-2015-821 patch");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote openSUSE host is missing a security update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"The ffmpeg package was updated to version 2.8.2 to fix the following
security and non security issues :

  - CVE-2015-8216: Fixed the ljpeg_decode_yuv_scan function
    in libavcodec/mjpegdec.c which could cause a denial of
    service (out-of-bounds array access) (bnc#955346).

  - CVE-2015-8217: Fixed the ff_hevc_parse_sps function in
    libavcodec/hevc_ps.c which could cause a denial of
    service (out-of-bounds array access) (bnc#955347).

  - CVE-2015-8218: Fixed the decode_uncompressed function in
    libavcodec/faxcompr.c which could cause a denial of
    service (out-of-bounds array access) (bnc#955348).

  - CVE-2015-8219: Fixed the init_tile function in
    libavcodec/jpeg2000dec.c which could cause a denial of
    service (out-of-bounds array access) (bnc#955350).

  - Update to new upstream release 2.8.2

  - various fixes in the aac_fixed decoder

  - various fixes in softfloat

  - swresample/resample: increase precision for compensation

  - lavf/mov: add support for sidx fragment indexes

  - avformat/mxfenc: Only store user comment related tags
    when needed

  - ffmpeg: Don't try and write sdp info if none of the
    outputs had an rtp format.

  - apng: use correct size for output buffer

  - jvdec: avoid unsigned overflow in comparison

  - avcodec/jpeg2000dec: Clip all tile coordinates

  - avcodec/microdvddec: Check for string end in 'P' case

  - avcodec/dirac_parser: Fix undefined memcpy() use

  - avformat/xmv: Discard remainder of packet on error

  - avformat/xmv: factor return check out of if/else

  - avcodec/mpeg12dec: Do not call show_bits() with invalid
    bits

  - avcodec/faxcompr: Add missing runs check in
    decode_uncompressed()

  - libavutil/channel_layout: Check strtol*() for failure

  - avformat/mpegts: Only start probing data streams within
    probe_packets

  - avcodec/hevc_ps: Check chroma_format_idc

  - avcodec/ffv1dec: Check for 0 quant tables

  - avcodec/mjpegdec: Reinitialize IDCT on BPP changes

  - avcodec/mjpegdec: Check index in ljpeg_decode_yuv_scan()
    before using it

  - avcodec/h264_slice: Disable slice threads if there are
    multiple access units in a packet

  - avformat/hls: update cookies on setcookie response

  - opusdec: Don't run vector_fmul_scalar on zero length
    arrays

  - avcodec/opusdec: Fix extra samples read index

  - avcodec/ffv1: Initialize vlc_state on allocation

  - avcodec/ffv1dec: update progress in case of broken
    pointer chains

  - avcodec/ffv1dec: Clear slice coordinates if they are
    invalid or slice header decoding fails for other reasons

  - rtsp: Allow $ as interleaved packet indicator before a
    complete response header

  - videodsp: don't overread edges in vfix3 emu_edge.

  - avformat/mp3dec: improve junk skipping heuristic

  - concatdec: fix file_start_time calculation regression

  - avcodec: loongson optimize h264dsp idct and loop filter
    with mmi

  - avcodec/jpeg2000dec: Clear properties in
    jpeg2000_dec_cleanup() too

  - avformat/hls: add support for EXT-X-MAP

  - avformat/hls: fix segment selection regression on track
    changes of live streams

  - configure: Require libkvazaar < 0.7.

  - avcodec/vp8: Do not use num_coeff_partitions in
    thread/buffer setup

  - Drop ffmpeg-mov-sidx-fragment.patch, fixed upstream.

  - Update to new upstream release 2.8.1

  - Minor bugfix release

  - Includes all changes from. Ffmpeg-mt, libav master of
    2015-08-28, libav 11 as of 2015-08-28

  - Add ffmpeg-mov-sidx-fragment.patch to add sidx fragment
    indexes. Needed for new mpv release."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.opensuse.org/show_bug.cgi?id=955346"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.opensuse.org/show_bug.cgi?id=955347"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.opensuse.org/show_bug.cgi?id=955348"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.opensuse.org/show_bug.cgi?id=955350"
  );
  script_set_attribute(
    attribute:"solution", 
    value:"Update the affected ffmpeg packages."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:ffmpeg");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:ffmpeg-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:ffmpeg-debugsource");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:ffmpeg-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libavcodec-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libavcodec56");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libavcodec56-32bit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libavcodec56-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libavcodec56-debuginfo-32bit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libavdevice-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libavdevice56");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libavdevice56-32bit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libavdevice56-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libavdevice56-debuginfo-32bit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libavfilter-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libavfilter5");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libavfilter5-32bit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libavfilter5-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libavfilter5-debuginfo-32bit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libavformat-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libavformat56");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libavformat56-32bit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libavformat56-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libavformat56-debuginfo-32bit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libavresample-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libavresample2");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libavresample2-32bit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libavresample2-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libavresample2-debuginfo-32bit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libavutil-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libavutil54");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libavutil54-32bit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libavutil54-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libavutil54-debuginfo-32bit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libpostproc-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libpostproc53");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libpostproc53-32bit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libpostproc53-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libpostproc53-debuginfo-32bit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libswresample-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libswresample1");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libswresample1-32bit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libswresample1-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libswresample1-debuginfo-32bit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libswscale-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libswscale3");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libswscale3-32bit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libswscale3-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libswscale3-debuginfo-32bit");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:42.1");

  script_set_attribute(attribute:"patch_publication_date", value:"2015/11/27");
  script_set_attribute(attribute:"plugin_publication_date", value:"2015/11/30");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.");
  script_family(english:"SuSE Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
if (release !~ "^(SUSE42\.1)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "42.1", release);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

ourarch = get_kb_item("Host/cpu");
if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);

flag = 0;

if ( rpm_check(release:"SUSE42.1", reference:"ffmpeg-2.8.2-3.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"ffmpeg-debuginfo-2.8.2-3.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"ffmpeg-debugsource-2.8.2-3.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"ffmpeg-devel-2.8.2-3.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"libavcodec-devel-2.8.2-3.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"libavcodec56-2.8.2-3.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"libavcodec56-debuginfo-2.8.2-3.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"libavdevice-devel-2.8.2-3.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"libavdevice56-2.8.2-3.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"libavdevice56-debuginfo-2.8.2-3.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"libavfilter-devel-2.8.2-3.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"libavfilter5-2.8.2-3.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"libavfilter5-debuginfo-2.8.2-3.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"libavformat-devel-2.8.2-3.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"libavformat56-2.8.2-3.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"libavformat56-debuginfo-2.8.2-3.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"libavresample-devel-2.8.2-3.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"libavresample2-2.8.2-3.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"libavresample2-debuginfo-2.8.2-3.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"libavutil-devel-2.8.2-3.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"libavutil54-2.8.2-3.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"libavutil54-debuginfo-2.8.2-3.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"libpostproc-devel-2.8.2-3.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"libpostproc53-2.8.2-3.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"libpostproc53-debuginfo-2.8.2-3.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"libswresample-devel-2.8.2-3.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"libswresample1-2.8.2-3.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"libswresample1-debuginfo-2.8.2-3.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"libswscale-devel-2.8.2-3.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"libswscale3-2.8.2-3.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"libswscale3-debuginfo-2.8.2-3.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"libavcodec56-32bit-2.8.2-3.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"libavcodec56-debuginfo-32bit-2.8.2-3.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"libavdevice56-32bit-2.8.2-3.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"libavdevice56-debuginfo-32bit-2.8.2-3.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"libavfilter5-32bit-2.8.2-3.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"libavfilter5-debuginfo-32bit-2.8.2-3.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"libavformat56-32bit-2.8.2-3.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"libavformat56-debuginfo-32bit-2.8.2-3.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"libavresample2-32bit-2.8.2-3.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"libavresample2-debuginfo-32bit-2.8.2-3.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"libavutil54-32bit-2.8.2-3.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"libavutil54-debuginfo-32bit-2.8.2-3.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"libpostproc53-32bit-2.8.2-3.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"libpostproc53-debuginfo-32bit-2.8.2-3.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"libswresample1-32bit-2.8.2-3.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"libswresample1-debuginfo-32bit-2.8.2-3.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"libswscale3-32bit-2.8.2-3.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"libswscale3-debuginfo-32bit-2.8.2-3.1") ) flag++;

if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "ffmpeg / ffmpeg-debuginfo / ffmpeg-debugsource / ffmpeg-devel / etc");
}
VendorProductVersionCPE
novellopensuseffmpegp-cpe:/a:novell:opensuse:ffmpeg
novellopensuseffmpeg-debuginfop-cpe:/a:novell:opensuse:ffmpeg-debuginfo
novellopensuseffmpeg-debugsourcep-cpe:/a:novell:opensuse:ffmpeg-debugsource
novellopensuseffmpeg-develp-cpe:/a:novell:opensuse:ffmpeg-devel
novellopensuselibavcodec-develp-cpe:/a:novell:opensuse:libavcodec-devel
novellopensuselibavcodec56p-cpe:/a:novell:opensuse:libavcodec56
novellopensuselibavcodec56-32bitp-cpe:/a:novell:opensuse:libavcodec56-32bit
novellopensuselibavcodec56-debuginfop-cpe:/a:novell:opensuse:libavcodec56-debuginfo
novellopensuselibavcodec56-debuginfo-32bitp-cpe:/a:novell:opensuse:libavcodec56-debuginfo-32bit
novellopensuselibavdevice-develp-cpe:/a:novell:opensuse:libavdevice-devel
Rows per page:
1-10 of 501

Related

nessus 1
freebsd 1
cve 4
nvd 4
prion 4
veracode 4
cvelist 4
debiancve 4
ubuntucve 4
mageia 1
osv 1
openvas 3
debian 1
nessus
nessus
FreeBSD : ffmpeg -- multiple vulnerabilities (b0da85af-21a3-4c15-a137-fe9e4bc86002)
2015-12-03 00:00:00
freebsd
freebsd
ffmpeg -- multiple vulnerabilities
2015-11-27 00:00:00
cve
cve
CVE-2015-8219
2015-11-17 01:59:04
CVE-2015-8217
2015-11-17 01:59:01
CVE-2015-8216
2015-11-17 01:59:00
nvd
nvd
CVE-2015-8219
2015-11-17 01:59:04
CVE-2015-8217
2015-11-17 01:59:01
CVE-2015-8218
2015-11-17 01:59:02
prion
prion
Out-of-bounds
2015-11-17 01:59:00
Out-of-bounds
2015-11-17 01:59:00
Out-of-bounds
2015-11-17 01:59:00
veracode
veracode
Denial Of Service (DoS)
2017-02-07 02:10:45
Denial Of Service (DoS)
2017-02-07 02:18:44
Denial Of Service (DoS)
2017-02-07 02:00:43
cvelist
cvelist
CVE-2015-8218
2015-11-17 01:00:00
CVE-2015-8216
2015-11-17 01:00:00
CVE-2015-8219
2015-11-17 01:00:00
debiancve
debiancve
CVE-2015-8218
2015-11-17 01:59:02
CVE-2015-8217
2015-11-17 01:59:01
CVE-2015-8219
2015-11-17 01:59:04
ubuntucve
ubuntucve
CVE-2015-8216
2015-11-17 00:00:00
CVE-2015-8217
2015-11-17 00:00:00
CVE-2015-8218
2015-11-17 00:00:00
mageia
mageia
Updated ffmpeg packages fix security vulnerabilities
2016-01-15 04:52:38
osv
osv
libav - security update
2018-12-19 00:00:00
openvas
openvas
Mageia: Security Advisory (MGASA-2016-0018)
2016-01-15 00:00:00
Debian: Security Advisory (DLA-1611)
2023-03-08 00:00:00
Debian: Security Advisory (DLA-1611-2)
2018-12-20 00:00:00
debian
debian
[SECURITY] [DLA 1611-1] libav security update
2018-12-20 21:51:33

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.004 Low

EPSS

Percentile

73.6%

JSON
Related for OPENSUSE-2015-821.NASL
nessus1freebsd1cve4nvd4prion4veracode4cvelist4debiancve4ubuntucve4mageia1osv1openvas3debian1