Lucene search
Ubuntu.comUB:CVE-2013-3675HistoryJun 10, 2013 - 12:00 a.m.
CVE-2013-3675
2013-06-1000:00:00
ubuntu.com
ubuntu.com
8
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
0.002 Low
EPSS
Percentile
64.5%
The process_frame_obj function in sanm.c in libavcodec in FFmpeg before
1.2.1 does not validate width and height values, which allows remote
attackers to cause a denial of service (integer overflow, out-of-bounds
array access, and application crash) via crafted LucasArts Smush video
data.
Notes
| Author | Note |
|---|---|
| mdeslaur | libav and ffmpeg codebases have diverged to the point of not being able to track both using the same CVE numbers. Marking this CVE as not-affected for libav. |
Related
prion
prion
Integer overflow
2013-06-10 03:19:00
debiancve
debiancve
CVE-2013-3675
2022-10-03 16:14:46
cvelist
cvelist
CVE-2013-3675
2022-10-03 16:14:46
cve
cve
CVE-2013-3675
2022-10-03 16:14:46
nvd
nvd
CVE-2013-3675
2013-06-10 03:19:55
nessus
nessus
GLSA-201310-12 : FFmpeg: Multiple vulnerabilities
2013-10-27 00:00:00
gentoo
gentoo
FFmpeg: Multiple vulnerabilities
2013-10-25 00:00:00
openvas
openvas
Gentoo Security Advisory GLSA 201310-12
2015-09-29 00:00:00
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
0.002 Low
EPSS
Percentile
64.5%
Related for UB:CVE-2013-3675