Lucene search
HistoryNov 05, 2014 - 11:55 a.m.
CVE-2014-8549
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7.3
Confidence
High
EPSS
0.004
Percentile
75.2%
libavcodec/on2avc.c in FFmpeg before 2.4.2 does not constrain the number of channels to at most 2, which allows remote attackers to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via crafted On2 data.
Affected configurations
Node
ffmpegffmpegRange≤2.4.1
ORffmpegffmpegMatch0.3
ORffmpegffmpegMatch0.3.1
ORffmpegffmpegMatch0.3.2
ORffmpegffmpegMatch0.3.3
ORffmpegffmpegMatch0.3.4
ORffmpegffmpegMatch0.4.0
ORffmpegffmpegMatch0.4.2
ORffmpegffmpegMatch0.4.3
ORffmpegffmpegMatch0.4.4
ORffmpegffmpegMatch0.4.5
ORffmpegffmpegMatch0.4.6
ORffmpegffmpegMatch0.4.7
ORffmpegffmpegMatch0.4.8
ORffmpegffmpegMatch0.4.9pre1
ORffmpegffmpegMatch0.5
ORffmpegffmpegMatch0.5.1
ORffmpegffmpegMatch0.5.2
ORffmpegffmpegMatch0.5.3
ORffmpegffmpegMatch0.5.4
ORffmpegffmpegMatch0.5.4.5
ORffmpegffmpegMatch0.5.4.6
ORffmpegffmpegMatch0.5.5
ORffmpegffmpegMatch0.6
ORffmpegffmpegMatch0.6.1
ORffmpegffmpegMatch0.6.2
ORffmpegffmpegMatch0.6.3
ORffmpegffmpegMatch0.7
ORffmpegffmpegMatch0.7.1
ORffmpegffmpegMatch0.7.2
ORffmpegffmpegMatch0.7.3
ORffmpegffmpegMatch0.7.4
ORffmpegffmpegMatch0.7.5
ORffmpegffmpegMatch0.7.6
ORffmpegffmpegMatch0.7.7
ORffmpegffmpegMatch0.7.8
ORffmpegffmpegMatch0.7.9
ORffmpegffmpegMatch0.7.11
ORffmpegffmpegMatch0.7.12
ORffmpegffmpegMatch0.8.0
ORffmpegffmpegMatch0.8.1
ORffmpegffmpegMatch0.8.2
ORffmpegffmpegMatch0.8.5
ORffmpegffmpegMatch0.8.5.3
ORffmpegffmpegMatch0.8.5.4
ORffmpegffmpegMatch0.8.6
ORffmpegffmpegMatch0.8.7
ORffmpegffmpegMatch0.8.8
ORffmpegffmpegMatch0.8.10
ORffmpegffmpegMatch0.8.11
ORffmpegffmpegMatch0.9
ORffmpegffmpegMatch0.9.1
ORffmpegffmpegMatch0.10
ORffmpegffmpegMatch0.10.3
ORffmpegffmpegMatch0.10.4
ORffmpegffmpegMatch0.11
ORffmpegffmpegMatch0.11.1
ORffmpegffmpegMatch0.11.2
ORffmpegffmpegMatch0.11.3
ORffmpegffmpegMatch0.11.4
ORffmpegffmpegMatch1.0
ORffmpegffmpegMatch1.0.1
ORffmpegffmpegMatch1.0.2
ORffmpegffmpegMatch1.0.3
ORffmpegffmpegMatch1.0.4
ORffmpegffmpegMatch1.1
ORffmpegffmpegMatch1.1.1
ORffmpegffmpegMatch1.1.2
ORffmpegffmpegMatch1.1.3
ORffmpegffmpegMatch1.1.4
ORffmpegffmpegMatch1.1.5
ORffmpegffmpegMatch1.1.6
ORffmpegffmpegMatch1.1.7
ORffmpegffmpegMatch1.1.8
ORffmpegffmpegMatch1.1.9
ORffmpegffmpegMatch1.1.10
ORffmpegffmpegMatch1.1.11
ORffmpegffmpegMatch1.1.12
ORffmpegffmpegMatch1.1.13
ORffmpegffmpegMatch1.2
ORffmpegffmpegMatch1.2.1
ORffmpegffmpegMatch1.2.3
ORffmpegffmpegMatch1.2.4
ORffmpegffmpegMatch1.2.5
ORffmpegffmpegMatch1.2.6
ORffmpegffmpegMatch1.2.7
ORffmpegffmpegMatch2.0
ORffmpegffmpegMatch2.0.1
ORffmpegffmpegMatch2.0.2
ORffmpegffmpegMatch2.0.3
ORffmpegffmpegMatch2.0.4
ORffmpegffmpegMatch2.0.5
ORffmpegffmpegMatch2.1
ORffmpegffmpegMatch2.1.1
ORffmpegffmpegMatch2.1.2
ORffmpegffmpegMatch2.1.3
ORffmpegffmpegMatch2.1.4
ORffmpegffmpegMatch2.1.5
ORffmpegffmpegMatch2.2
ORffmpegffmpegMatch2.2.4
ORffmpegffmpegMatch2.3
ORffmpegffmpegMatch2.3.2
ORffmpegffmpegMatch2.3.3
ORffmpegffmpegMatch2.3.4
ORffmpegffmpegMatch2.4
| Vendor | Product | Version | CPE |
|---|---|---|---|
| ffmpeg | ffmpeg | * | cpe:2.3:a:ffmpeg:ffmpeg:*:*:*:*:*:*:*:* |
| ffmpeg | ffmpeg | 0.3 | cpe:2.3:a:ffmpeg:ffmpeg:0.3:*:*:*:*:*:*:* |
| ffmpeg | ffmpeg | 0.3.1 | cpe:2.3:a:ffmpeg:ffmpeg:0.3.1:*:*:*:*:*:*:* |
| ffmpeg | ffmpeg | 0.3.2 | cpe:2.3:a:ffmpeg:ffmpeg:0.3.2:*:*:*:*:*:*:* |
| ffmpeg | ffmpeg | 0.3.3 | cpe:2.3:a:ffmpeg:ffmpeg:0.3.3:*:*:*:*:*:*:* |
| ffmpeg | ffmpeg | 0.3.4 | cpe:2.3:a:ffmpeg:ffmpeg:0.3.4:*:*:*:*:*:*:* |
| ffmpeg | ffmpeg | 0.4.0 | cpe:2.3:a:ffmpeg:ffmpeg:0.4.0:*:*:*:*:*:*:* |
| ffmpeg | ffmpeg | 0.4.2 | cpe:2.3:a:ffmpeg:ffmpeg:0.4.2:*:*:*:*:*:*:* |
| ffmpeg | ffmpeg | 0.4.3 | cpe:2.3:a:ffmpeg:ffmpeg:0.4.3:*:*:*:*:*:*:* |
| ffmpeg | ffmpeg | 0.4.4 | cpe:2.3:a:ffmpeg:ffmpeg:0.4.4:*:*:*:*:*:*:* |
Related
prion
prion
Out-of-bounds
2014-11-05 11:55:00
debiancve
debiancve
CVE-2014-8549
2014-11-05 11:55:08
cve
cve
CVE-2014-8549
2014-11-05 11:55:08
veracode
veracode
Denial Of Service (DoS)
2017-02-03 06:29:46
cvelist
cvelist
CVE-2014-8549
2014-11-05 11:00:00
ubuntucve
ubuntucve
CVE-2014-8549
2014-11-05 00:00:00
gentoo
gentoo
FFmpeg: Multiple vulnerabilities
2016-03-12 00:00:00
openvas
openvas
Gentoo Security Advisory GLSA 201603-06
2016-03-14 00:00:00
nessus
nessus
GLSA-201603-06 : FFmpeg: Multiple vulnerabilities
2016-03-14 00:00:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7.3
Confidence
High
EPSS
0.004
Percentile
75.2%
Related for NVD:CVE-2014-8549