CVE-2013-4265 — Ffmpeg vulnerability

3 documents3 sources

Severity

10.0CRITICALNVD

EPSS

0.4%

top 39.33%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Ffmpeg Debian Ffmpeg

Timeline

PublishedNov 23

Latest updateMay 17

Description

The av_reallocp_array function in libavutil/mem.c in FFmpeg before 2.0.1 has an unspecified impact and remote vectors related to a "wrong return code" and a resultant NULL pointer dereference.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages2 packages

▶NVDffmpeg/ffmpeg2.0+60

▶debiandebian/ffmpeg

Patches

Patch: github.com ↗Patch: github.com ↗

🔴Vulnerability Details

GHSA

GHSA-gm9f-6c9f-6hf8: The av_reallocp_array function in libavutil/mem↗2022-05-17

▶

📋Vendor Advisories

Debian

CVE-2013-4265: ffmpeg - The av_reallocp_array function in libavutil/mem.c in FFmpeg before 2.0.1 has an ...↗2013

▶