CVE-2014-5272

Published Nov 3, 2014
Last updated a year ago
CVSS info 6.8
Overview

Description: libavcodec/iff.c in FFMpeg before 1.1.14, 1.2.x before 1.2.8, 2.2.x before 2.2.7, and 2.3.x before 2.3.2 allows remote attackers to have unspecified impact via a crafted iff image, which triggers an out-of-bounds array access, related to the rgb8 and rgbn formats.
Source: cve@mitre.org
NVD status: Modified
Risk scores

CVSS 2.0

Type: Primary
Base score: 6.8
Impact score: 6.4
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:P/I:P/A:P
Weaknesses

nvd@nist.gov: CWE-119
Hype score: Not currently trending
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AEBDCECF-B44E-415C-80ED-DB15332F7BFD",
            "versionEndIncluding": "1.1.13"
          },
          {
            "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "192F65AB-99F2-4722-B1A2-737A87282447"
          },
          {
            "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:1.1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A3E30DB1-0CFC-4EAA-BF07-CE7551ABDCB5"
          },
          {
            "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:1.1.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DBA7D745-DC16-43B9-8A2D-4D6944A6BFD0"
          },
          {
            "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:1.1.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "87A511A5-2040-433A-9B32-B89332214FA6"
          },
          {
            "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:1.1.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0C01DD9C-98C9-4896-8D66-A8336582298B"
          },
          {
            "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:1.1.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4B9BF628-8AE0-4D4A-9E9E-02C679B2BE3A"
          },
          {
            "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:1.1.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EE4D23F3-5D03-4192-B02B-F5D78420359B"
          },
          {
            "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:1.1.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F82CFB87-303C-4009-81CB-124D34446E7C"
          },
          {
            "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:1.1.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "68F87B18-B869-4608-81B8-DC30F3AEA728"
          },
          {
            "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:1.1.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5559F046-434D-4F9C-A6E2-F2E4196235BA"
          },
          {
            "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:1.1.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "48216C77-CEDA-4F6B-8A24-1C22328AEEFB"
          },
          {
            "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:1.1.11:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7F8A300D-1771-4160-B649-4DD31A522454"
          },
          {
            "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:1.1.12:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6610C93A-059A-4151-A169-06CCF06D20AB"
          },
          {
            "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:1.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BBE7723A-3D6B-4390-B82E-6A5A6992141A"
          },
          {
            "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:1.2.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1ED8FF93-5AA7-443C-BBDB-845736BB337B"
          },
          {
            "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:1.2.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F779F23A-5D19-414A-A0D4-1A1C12B2B268"
          },
          {
            "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:1.2.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "90C18AE4-911C-4E59-AF0C-972CD20D8780"
          },
          {
            "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:1.2.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E5204A44-FB87-4CD1-8923-CFA5784D78EA"
          },
          {
            "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:1.2.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C996BBC7-62F2-4100-A0C9-883DFF7C4593"
          },
          {
            "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:1.2.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "48D7C541-CB05-423C-9810-CE7BFACB569D"
          },
          {
            "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A1337F5B-E9D9-4335-9E05-50018E59E530"
          },
          {
            "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0B27C609-E4B4-41CD-B228-38267AA3A8AB"
          },
          {
            "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C97DBEE2-AF4E-4C2D-A185-F2A1B965D9DA"
          },
          {
            "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FDEDAA24-D9E0-4384-B193-0C8814E4FDD6"
          },
          {
            "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.0.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "40B0C71E-341A-434A-90AE-326097AC85E4"
          },
          {
            "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.0.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E83D73FF-E6F6-4399-B721-6C6275C52B55"
          },
          {
            "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B70C00A9-3562-45AB-B494-3BA91B6AFC3E"
          },
          {
            "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A30389D2-2873-4F15-B249-066B6D37AC23"
          },
          {
            "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.1.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0487928D-6630-4E23-BBA5-BED0A0F156B1"
          },
          {
            "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.1.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C3088131-C48D-463B-8709-78A90EDE1FA4"
          },
          {
            "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.1.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DADF01E6-CB58-4593-B444-A59232EE83CB"
          },
          {
            "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.1.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "06442F70-22B4-49E5-B25B-92E03973B57E"
          },
          {
            "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9B08A7BE-7C98-4659-808F-86A8EB4676D2"
          },
          {
            "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.2.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CE9CF7C7-3730-43EC-B63E-B004D979E57A"
          },
          {
            "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "207DF654-326E-43A9-A5EC-BC239BF30422"
          },
          {
            "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.3.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5B50AB2A-FA23-4BB0-AA21-724E770ADEFB"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]
Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References
