CVE-2013-0874Improper Restriction of Operations within the Bounds of a Memory Buffer in Ffmpeg

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer3 documents3 sources
Severity
9.3CRITICALNVD
EPSS
0.7%
top 27.63%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
FfmpegDebian Ffmpeg
Timeline
PublishedNov 23
Latest updateMay 17

Description

The (1) doubles2str and (2) shorts2str functions in libavcodec/tiff.c in FFmpeg before 1.1.3 allow remote attackers to have an unspecified impact via a crafted TIFF image, related to an out-of-bounds array access.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages2 packages

NVDffmpeg/ffmpeg1.1.2+56
debiandebian/ffmpeg

🔴Vulnerability Details

1
GHSA
GHSA-988j-325c-6vx5: The (1) doubles2str and (2) shorts2str functions in libavcodec/tiff2022-05-17

📋Vendor Advisories

1
Debian
CVE-2013-0874: ffmpeg - The (1) doubles2str and (2) shorts2str functions in libavcodec/tiff.c in FFmpeg ...2013