Vulnerabilities > CVE-2014-125012 - Incorrect Conversion between Numeric Types vulnerability in Ffmpeg 2.0

CVSS 5.5 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

local

low complexity

ffmpeg

CWE-681

NVD

Published: 2022-06-18

Updated: 2023-11-07

Summary

A vulnerability was found in FFmpeg 2.0. It has been classified as problematic. Affected is an unknown function of the file libavcodec/dxtroy.c. The manipulation leads to integer coercion error. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue.

Vulnerable Configurations

Part	Description	Count
Application	Ffmpeg Ffmpeg Ffmpeg 2.0	1

Common Weakness Enumeration (CWE)

CWE-681 - Incorrect Conversion between Numeric Types

References

https://vuldb.com/?id.12390
http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=a392bf657015c9a79a5a13adfbfb15086c1943b9