Vulnerabilities > CVE-2013-4358 - Unspecified vulnerability in Ffmpeg
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
libavcodec/h264.c in FFmpeg before 0.11.4 allows remote attackers to cause a denial of service (crash) via vectors related to alternating bit depths in H.264 data.
Vulnerable Configurations
Seebug
bulletinFamily | exploit |
description | BUGTRAQ ID: 62440 CVE(CAN) ID: CVE-2013-4358 FFmpeg是一个免费的可以执行音讯和视讯多种格式的录影、转档、串流功能的软件。 FFmpeg 0.11.3的libavcodec H.264代码存在安全漏洞,攻击者可利用此漏洞在受影响用户上下文中执行任意代码,越界读写。 0 FFmpeg 0.11.3 厂商补丁: FFmpeg ------ 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://ffmpeg.org/security.html |
id | SSV:61041 |
last seen | 2017-11-19 |
modified | 2013-09-23 |
published | 2013-09-23 |
reporter | Root |
title | FFmpeg 'libavcodec'越界内存访问漏洞(CVE-2013-4358) |