An issue was discovered in Libav 12.3. Division by zero in
range_decode_culshift in libavcodec/apedec.c allows remote attackers to
cause a denial of service (application crash), as demonstrated by avconv.
{"cve": [{"lastseen": "2022-03-23T20:35:00", "description": "An issue was discovered in Libav 12.3. Division by zero in range_decode_culshift in libavcodec/apedec.c allows remote attackers to cause a denial of service (application crash), as demonstrated by avconv.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2019-07-30T13:15:00", "type": "cve", "title": "CVE-2019-14443", "cwe": ["CWE-369"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-14443"], "modified": "2019-12-05T21:15:00", "cpe": ["cpe:/a:libav:libav:12.3"], "id": "CVE-2019-14443", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-14443", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:libav:libav:12.3:*:*:*:*:*:*:*"]}], "openvas": [{"lastseen": "2020-01-29T19:29:55", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-12-06T00:00:00", "type": "openvas", "title": "Debian LTS: Security Advisory for libav (DLA-2021-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-18245", "CVE-2019-14443", "CVE-2019-17542", "CVE-2018-19130", "CVE-2018-19128", "CVE-2017-17127"], "modified": "2020-01-29T00:00:00", "id": "OPENVAS:1361412562310892021", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310892021", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.892021\");\n script_version(\"2020-01-29T08:22:52+0000\");\n script_cve_id(\"CVE-2017-17127\", \"CVE-2017-18245\", \"CVE-2018-19128\", \"CVE-2018-19130\", \"CVE-2019-14443\", \"CVE-2019-17542\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-29 08:22:52 +0000 (Wed, 29 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-12-06 03:00:15 +0000 (Fri, 06 Dec 2019)\");\n script_name(\"Debian LTS: Security Advisory for libav (DLA-2021-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB8\");\n\n script_xref(name:\"URL\", value:\"https://lists.debian.org/debian-lts-announce/2019/12/msg00003.html\");\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/DLA-2021-1\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'libav'\n package(s) announced via the DLA-2021-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Several security issues were fixed in libav, a multimedia library for\nprocessing audio and video files.\n\nCVE-2017-17127\n\nThe vc1_decode_frame function in libavcodec/vc1dec.c allows remote\nattackers to cause a denial of service (NULL pointer dereference\nand application crash) via a crafted file.\nCVE-2018-19130 is a duplicate of this vulnerability.\n\nCVE-2017-18245\n\nThe mpc8_probe function in libavformat/mpc8.c allows remote\nattackers to cause a denial of service (heap-based buffer\nover-read) via a crafted audio file on 32-bit systems.\n\nCVE-2018-19128\n\nHeap-based buffer over-read in decode_frame in libavcodec/lcldec.c\nallows an attacker to cause denial-of-service via a crafted avi\nfile.\n\nCVE-2019-14443\n\nDivision by zero in range_decode_culshift in libavcodec/apedec.c\nallows remote attackers to cause a denial of service (application\ncrash), as demonstrated by avconv.\n\nCVE-2019-17542\n\nHeap-based buffer overflow in vqa_decode_chunk because of an\nout-of-array access in vqa_decode_init in libavcodec/vqavideo.c.\");\n\n script_tag(name:\"affected\", value:\"'libav' package(s) on Debian Linux.\");\n\n script_tag(name:\"solution\", value:\"For Debian 8 'Jessie', these problems have been fixed in version\n6:11.12-1~deb8u9.\n\nWe recommend that you upgrade your libav packages.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"libav-dbg\", ver:\"6:11.12-1~deb8u9\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libav-doc\", ver:\"6:11.12-1~deb8u9\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libav-tools\", ver:\"6:11.12-1~deb8u9\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libavcodec-dev\", ver:\"6:11.12-1~deb8u9\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libavcodec-extra\", ver:\"6:11.12-1~deb8u9\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libavcodec-extra-56\", ver:\"6:11.12-1~deb8u9\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libavcodec56\", ver:\"6:11.12-1~deb8u9\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libavdevice-dev\", ver:\"6:11.12-1~deb8u9\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libavdevice55\", ver:\"6:11.12-1~deb8u9\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libavfilter-dev\", ver:\"6:11.12-1~deb8u9\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libavfilter5\", ver:\"6:11.12-1~deb8u9\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libavformat-dev\", ver:\"6:11.12-1~deb8u9\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libavformat56\", ver:\"6:11.12-1~deb8u9\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libavresample-dev\", ver:\"6:11.12-1~deb8u9\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libavresample2\", ver:\"6:11.12-1~deb8u9\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libavutil-dev\", ver:\"6:11.12-1~deb8u9\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libavutil54\", ver:\"6:11.12-1~deb8u9\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libswscale-dev\", ver:\"6:11.12-1~deb8u9\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libswscale3\", ver:\"6:11.12-1~deb8u9\", rls:\"DEB8\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "debian": [{"lastseen": "2021-10-22T11:50:06", "description": "Package : libav\nVersion : 6:11.12-1~deb8u9\nCVE ID : CVE-2017-17127 CVE-2017-18245 CVE-2018-19128 CVE-2018-19130 \n CVE-2019-14443 CVE-2019-17542\n\n\nSeveral security issues were fixed in libav, a multimedia library for\nprocessing audio and video files.\n\nCVE-2017-17127\n\n The vc1_decode_frame function in libavcodec/vc1dec.c allows remote\n attackers to cause a denial of service (NULL pointer dereference\n and application crash) via a crafted file.\n CVE-2018-19130 is a duplicate of this vulnerability.\n\nCVE-2017-18245\n\n The mpc8_probe function in libavformat/mpc8.c allows remote\n attackers to cause a denial of service (heap-based buffer\n over-read) via a crafted audio file on 32-bit systems.\n\nCVE-2018-19128\n\n Heap-based buffer over-read in decode_frame in libavcodec/lcldec.c\n allows an attacker to cause denial-of-service via a crafted avi\n file.\n\nCVE-2019-14443\n\n Division by zero in range_decode_culshift in libavcodec/apedec.c\n allows remote attackers to cause a denial of service (application\n crash), as demonstrated by avconv.\n\nCVE-2019-17542\n\n Heap-based buffer overflow in vqa_decode_chunk because of an\n out-of-array access in vqa_decode_init in libavcodec/vqavideo.c.\n\nFor Debian 8 "Jessie", these problems have been fixed in version\n6:11.12-1~deb8u9.\n\nWe recommend that you upgrade your libav packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-12-05T18:48:56", "type": "debian", "title": "[SECURITY] [DLA 2021-1] libav security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-17127", "CVE-2017-18245", "CVE-2018-19128", "CVE-2018-19130", "CVE-2019-14443", "CVE-2019-17542"], "modified": "2019-12-05T18:48:56", "id": "DEBIAN:DLA-2021-1:97C0E", "href": "https://lists.debian.org/debian-lts-announce/2019/12/msg00003.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "nessus": [{"lastseen": "2021-10-16T00:20:09", "description": "Several security issues were fixed in libav, a multimedia library for processing audio and video files.\n\nCVE-2017-17127\n\nThe vc1_decode_frame function in libavcodec/vc1dec.c allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file. CVE-2018-19130 is a duplicate of this vulnerability.\n\nCVE-2017-18245\n\nThe mpc8_probe function in libavformat/mpc8.c allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted audio file on 32-bit systems.\n\nCVE-2018-19128\n\nHeap-based buffer over-read in decode_frame in libavcodec/lcldec.c allows an attacker to cause denial of service via a crafted avi file.\n\nCVE-2019-14443\n\nDivision by zero in range_decode_culshift in libavcodec/apedec.c allows remote attackers to cause a denial of service (application crash), as demonstrated by avconv.\n\nCVE-2019-17542\n\nHeap-based buffer overflow in vqa_decode_chunk because of an out-of-array access in vqa_decode_init in libavcodec/vqavideo.c.\n\nFor Debian 8 'Jessie', these problems have been fixed in version 6:11.12-1~deb8u9.\n\nWe recommend that you upgrade your libav packages.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-12-06T00:00:00", "type": "nessus", "title": "Debian DLA-2021-1 : libav security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-17127", "CVE-2017-18245", "CVE-2018-19128", "CVE-2018-19130", "CVE-2019-14443", "CVE-2019-17542"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:libav-dbg", "p-cpe:/a:debian:debian_linux:libav-doc", "p-cpe:/a:debian:debian_linux:libav-tools", "p-cpe:/a:debian:debian_linux:libavcodec-dev", "p-cpe:/a:debian:debian_linux:libavcodec-extra", "p-cpe:/a:debian:debian_linux:libavcodec-extra-56", "p-cpe:/a:debian:debian_linux:libavcodec56", "p-cpe:/a:debian:debian_linux:libavdevice-dev", "p-cpe:/a:debian:debian_linux:libavdevice55", "p-cpe:/a:debian:debian_linux:libavfilter-dev", "p-cpe:/a:debian:debian_linux:libavfilter5", "p-cpe:/a:debian:debian_linux:libavformat-dev", "p-cpe:/a:debian:debian_linux:libavformat56", "p-cpe:/a:debian:debian_linux:libavresample-dev", "p-cpe:/a:debian:debian_linux:libavresample2", "p-cpe:/a:debian:debian_linux:libavutil-dev", "p-cpe:/a:debian:debian_linux:libavutil54", "p-cpe:/a:debian:debian_linux:libswscale-dev", "p-cpe:/a:debian:debian_linux:libswscale3", "cpe:/o:debian:debian_linux:8.0"], "id": "DEBIAN_DLA-2021.NASL", "href": "https://www.tenable.com/plugins/nessus/131740", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-2021-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(131740);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2017-17127\", \"CVE-2017-18245\", \"CVE-2018-19128\", \"CVE-2018-19130\", \"CVE-2019-14443\", \"CVE-2019-17542\");\n\n script_name(english:\"Debian DLA-2021-1 : libav security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several security issues were fixed in libav, a multimedia library for\nprocessing audio and video files.\n\nCVE-2017-17127\n\nThe vc1_decode_frame function in libavcodec/vc1dec.c allows remote\nattackers to cause a denial of service (NULL pointer dereference and\napplication crash) via a crafted file. CVE-2018-19130 is a duplicate\nof this vulnerability.\n\nCVE-2017-18245\n\nThe mpc8_probe function in libavformat/mpc8.c allows remote attackers\nto cause a denial of service (heap-based buffer over-read) via a\ncrafted audio file on 32-bit systems.\n\nCVE-2018-19128\n\nHeap-based buffer over-read in decode_frame in libavcodec/lcldec.c\nallows an attacker to cause denial of service via a crafted avi file.\n\nCVE-2019-14443\n\nDivision by zero in range_decode_culshift in libavcodec/apedec.c\nallows remote attackers to cause a denial of service (application\ncrash), as demonstrated by avconv.\n\nCVE-2019-17542\n\nHeap-based buffer overflow in vqa_decode_chunk because of an\nout-of-array access in vqa_decode_init in libavcodec/vqavideo.c.\n\nFor Debian 8 'Jessie', these problems have been fixed in version\n6:11.12-1~deb8u9.\n\nWe recommend that you upgrade your libav packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2019/12/msg00003.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/libav\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libav-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libav-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libav-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libavcodec-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libavcodec-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libavcodec-extra-56\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libavcodec56\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libavdevice-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libavdevice55\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libavfilter-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libavfilter5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libavformat-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libavformat56\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libavresample-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libavresample2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libavutil-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libavutil54\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libswscale-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libswscale3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/12/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/12/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/12/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"libav-dbg\", reference:\"6:11.12-1~deb8u9\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libav-doc\", reference:\"6:11.12-1~deb8u9\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libav-tools\", reference:\"6:11.12-1~deb8u9\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libavcodec-dev\", reference:\"6:11.12-1~deb8u9\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libavcodec-extra\", reference:\"6:11.12-1~deb8u9\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libavcodec-extra-56\", reference:\"6:11.12-1~deb8u9\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libavcodec56\", reference:\"6:11.12-1~deb8u9\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libavdevice-dev\", reference:\"6:11.12-1~deb8u9\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libavdevice55\", reference:\"6:11.12-1~deb8u9\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libavfilter-dev\", reference:\"6:11.12-1~deb8u9\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libavfilter5\", reference:\"6:11.12-1~deb8u9\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libavformat-dev\", reference:\"6:11.12-1~deb8u9\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libavformat56\", reference:\"6:11.12-1~deb8u9\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libavresample-dev\", reference:\"6:11.12-1~deb8u9\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libavresample2\", reference:\"6:11.12-1~deb8u9\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libavutil-dev\", reference:\"6:11.12-1~deb8u9\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libavutil54\", reference:\"6:11.12-1~deb8u9\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libswscale-dev\", reference:\"6:11.12-1~deb8u9\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libswscale3\", reference:\"6:11.12-1~deb8u9\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "osv": [{"lastseen": "2022-07-07T03:58:32", "description": "\nSeveral security issues were fixed in libav, a multimedia library for\nprocessing audio and video files.\n\n\n* [CVE-2017-17127](https://security-tracker.debian.org/tracker/CVE-2017-17127)\nThe vc1\\_decode\\_frame function in libavcodec/vc1dec.c allows remote\n attackers to cause a denial of service (NULL pointer dereference\n and application crash) via a crafted file. \n\n[CVE-2018-19130](https://security-tracker.debian.org/tracker/CVE-2018-19130) is a duplicate of this vulnerability.\n* [CVE-2017-18245](https://security-tracker.debian.org/tracker/CVE-2017-18245)\nThe mpc8\\_probe function in libavformat/mpc8.c allows remote\n attackers to cause a denial of service (heap-based buffer\n over-read) via a crafted audio file on 32-bit systems.\n* [CVE-2018-19128](https://security-tracker.debian.org/tracker/CVE-2018-19128)\nHeap-based buffer over-read in decode\\_frame in libavcodec/lcldec.c\n allows an attacker to cause denial-of-service via a crafted avi\n file.\n* [CVE-2019-14443](https://security-tracker.debian.org/tracker/CVE-2019-14443)\nDivision by zero in range\\_decode\\_culshift in libavcodec/apedec.c\n allows remote attackers to cause a denial of service (application\n crash), as demonstrated by avconv.\n* [CVE-2019-17542](https://security-tracker.debian.org/tracker/CVE-2019-17542)\nHeap-based buffer overflow in vqa\\_decode\\_chunk because of an\n out-of-array access in vqa\\_decode\\_init in libavcodec/vqavideo.c.\n\n\nFor Debian 8 Jessie, these problems have been fixed in version\n6:11.12-1~deb8u9.\n\n\nWe recommend that you upgrade your libav packages.\n\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: <https://wiki.debian.org/LTS>\n\n\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-12-05T00:00:00", "type": "osv", "title": "libav - security update", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-17127", "CVE-2017-18245", "CVE-2018-19128", "CVE-2018-19130", "CVE-2019-14443", "CVE-2019-17542"], "modified": "2022-07-07T00:09:25", "id": "OSV:DLA-2021-1", "href": "https://osv.dev/vulnerability/DLA-2021-1", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}]}
CVE-2019-14443
