5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
0.001 Low
EPSS
Percentile
24.9%
An integer overflow vulnerability was found in FFmpeg versions before 4.4.2
and before 5.0.1 in g729_parse() in llibavcodec/g729_parser.c when
processing a specially crafted file.
Author | Note |
---|---|
rodrigo-zaiden | the vulnerability was added in version 4.2, in commit: https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=641d5215 |
git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=757da974b21833529cc41bdcc9684c29660cdfa8
git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=e9e2ddbc6c78cc18b76093617f82c920e58a8d1f (n4.4.2)
git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=fa2e4afe8d0a23fac37392ef6506cfc9841f8d3d (n4.3.4)
launchpad.net/bugs/cve/CVE-2022-1475
nvd.nist.gov/vuln/detail/CVE-2022-1475
security-tracker.debian.org/tracker/CVE-2022-1475
trac.ffmpeg.org/ticket/9651
ubuntu.com/security/notices/USN-5472-1
www.cve.org/CVERecord?id=CVE-2022-1475
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
0.001 Low
EPSS
Percentile
24.9%