Lucene search
Ubuntu.comUB:CVE-2015-6823HistorySep 06, 2015 - 12:00 a.m.
CVE-2015-6823
2015-09-0600:00:00
ubuntu.com
ubuntu.com
8
0.004 Low
EPSS
Percentile
71.8%
The allocate_buffers function in libavcodec/alac.c in FFmpeg before 2.7.2
does not initialize certain context data, which allows remote attackers to
cause a denial of service (segmentation violation) or possibly have
unspecified other impact via crafted Apple Lossless Audio Codec (ALAC)
data.
Notes
| Author | Note |
|---|---|
| mdeslaur | libav in precise doesn’t look vulnerable |
| ebarretto | as of 2018-09-27, no equivalent fix in libav |
Related
cvelist
cvelist
CVE-2015-6823
2015-09-06 01:00:00
veracode
veracode
Denial Of Service (DoS)
2017-02-08 02:57:06
debiancve
debiancve
CVE-2015-6823
2015-09-06 02:59:00
prion
prion
Design/Logic Flaw
2015-09-06 02:59:00
cve
cve
CVE-2015-6823
2015-09-06 02:59:00
osv
osv
libav - security update
2018-12-20 00:00:00
debian
debian
[SECURITY] [DLA 1611-2] libav security update
2018-12-21 06:20:02
[SECURITY] [DLA 1611-1] libav security update
2018-12-20 21:52:50
nessus
nessus
Debian DLA-1611-2 : libav security update
2018-12-21 00:00:00
freebsd
freebsd
ffmpeg -- multiple vulnerabilities
2015-09-05 00:00:00
mageia
mageia
Updated ffmpeg packages fix security vulnerabilities
2016-01-15 04:52:38
openvas
openvas
Mageia: Security Advisory (MGASA-2016-0018)
2016-01-15 00:00:00
Debian: Security Advisory (DLA-1611-2)
2018-12-20 00:00:00
Debian: Security Advisory (DLA-1611)
2023-03-08 00:00:00