CVE-2014-125018Improper Restriction of Operations within the Bounds of a Memory Buffer in Ffmpeg

CWE-119Improper Restriction of Operations within the Bounds of a Memory BufferCWE-787Out-of-bounds Write3 documents3 sources
Severity
5.5MEDIUMNVD
EPSS
0.2%
top 61.73%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
FfmpegDebian Ffmpeg
Timeline
PublishedJun 19
Latest updateJun 20

Description

A vulnerability, which was classified as problematic, has been found in FFmpeg 2.0. Affected by this issue is the function decode_slice_header. The manipulation leads to memory corruption. The attack may be launched remotely. It is recommended to apply a patch to fix this issue.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages2 packages

NVDffmpeg/ffmpeg2.0
debiandebian/ffmpeg

🔴Vulnerability Details

1
GHSA
GHSA-3739-j4g5-p5h6: A vulnerability, which was classified as problematic, has been found in FFmpeg 22022-06-20

📋Vendor Advisories

1
Debian
CVE-2014-125018: ffmpeg - A vulnerability, which was classified as problematic, has been found in FFmpeg 2...2014