Lucene search

K

Ubuntu.comUB:CVE-2014-8544

HistoryNov 05, 2014 - 12:00 a.m.

CVE-2014-8544

2014-11-0500:00:00

ubuntu.com

ubuntu.com

10

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.004 Low

EPSS

Percentile

74.9%

libavcodec/tiff.c in FFmpeg before 2.4.2 does not properly validate
bits-per-pixel fields, which allows remote attackers to cause a denial of
service (out-of-bounds access) or possibly have unspecified other impact
via crafted TIFF data.

OSVersionArchitecturePackageVersionFilename
ubuntu12.04noarchlibav< 4:0.8.17-0ubuntu0.12.04.1UNKNOWN
ubuntu14.04noarchlibav< 6:9.18-0ubuntu0.14.04.1UNKNOWN

References

git.videolan.org/?p=ffmpeg.git;a=commit;h=e1c0cfaa419aa5d320540d5a1b3f8fd9b82ab7e5

www.ffmpeg.org/security.html

launchpad.net/bugs/cve/CVE-2014-8544

nvd.nist.gov/vuln/detail/CVE-2014-8544

security-tracker.debian.org/tracker/CVE-2014-8544

ubuntu.com/security/notices/USN-2534-1

www.cve.org/CVERecord?id=CVE-2014-8544

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.004 Low

EPSS

Percentile

74.9%

Related for UB:CVE-2014-8544

veracode1 prion1 debiancve1 nvd1 cve1 cvelist1 freebsd1 nessus5 securityvulns2 openvas6 debian1 ubuntu1 mageia2 gentoo1