CVE-2014-125008

A vulnerability classified as problematic has been found in FFmpeg 2.0. Affected is the function vorbis_header of the file libavformat/oggparsevorbis.c. The manipulation leads to memory corruption. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue.
References
Configurations

Configuration 1 (hide)

cpe:2.3:a:ffmpeg:ffmpeg:2.0:*:*:*:*:*:*:*

History

27 Jun 2022, 18:50

Type Values Removed Values Added
CWE CWE-787
References (MISC) http://git.videolan.org/?p=ffmpeg.git;a=commit;h=f5d1d1e4667ba346ea7e0f97e6d2756bc9d4abde - (MISC) http://git.videolan.org/?p=ffmpeg.git;a=commit;h=f5d1d1e4667ba346ea7e0f97e6d2756bc9d4abde - Patch, Third Party Advisory
References (MISC) https://vuldb.com/?id.12582 - (MISC) https://vuldb.com/?id.12582 - Permissions Required, Third Party Advisory, VDB Entry
CVSS v2 : unknown
v3 : unknown
v2 : 4.3
v3 : 5.5
CPE cpe:2.3:a:ffmpeg:ffmpeg:2.0:*:*:*:*:*:*:*

18 Jun 2022, 07:15

Type Values Removed Values Added
New CVE

Information

Published : 2022-06-18 07:15

Updated : 2024-02-04 22:29


NVD link : CVE-2014-125008

Mitre link : CVE-2014-125008

CVE.ORG link : CVE-2014-125008


JSON object : View

Products Affected

ffmpeg

  • ffmpeg
CWE
CWE-787

Out-of-bounds Write

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer