Lucene search

K

PRIOn knowledge basePRION:CVE-2015-3395

HistoryJun 16, 2015 - 4:59 p.m.

Out-of-bounds

2015-06-1616:59:00

PRIOn knowledge base

www.prio-n.com

7

7.2 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.008 Low

EPSS

Percentile

81.7%

The msrle_decode_pal4 function in msrledec.c in Libav before 10.7 and 11.x before 11.4 and FFmpeg before 2.0.7, 2.2.x before 2.2.15, 2.4.x before 2.4.8, 2.5.x before 2.5.6, and 2.6.x before 2.6.2 allows remote attackers to have unspecified impact via a crafted image, related to a pixel pointer, which triggers an out-of-bounds array access.

CPENameOperatorVersion
ubuntu_linuxeq12.04
ffmpegeq2.2.12
ffmpegeq2.2.8
ffmpegeq2.4.4
ffmpegeq2.5.0
ffmpegeq2.4.1
ffmpegeq2.2.4
ffmpegeq2.2.6
ffmpegeq2.2.3
ffmpegeq2.4.6

Rows per page:

1-10 of 381

References

git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=f7e1367f58263593e6cee3c282f7277d7ee9d553

www.debian.org/security/2015/dsa-3288

www.securityfocus.com/bid/74433

www.ubuntu.com/usn/USN-2944-1

git.libav.org/?p=libav.git;a=blob;f=Changelog;hb=refs/tags/v11.4

security.gentoo.org/glsa/201603-06

security.gentoo.org/glsa/201705-08

www.ffmpeg.org/security.html

7.2 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.008 Low

EPSS

Percentile

81.7%

Related for PRION:CVE-2015-3395

debiancve1 cve1 ubuntucve1 nessus5 freebsd1 veracode1 cvelist1 securityvulns2 osv1 debian1 openvas5 gentoo2 mageia1 ubuntu1