VDB-9841 · OSVDB 95370

FFmpeg up to 1.2 libavcodec/indeo3.c copy_cell/decode_cell Local Privilege Escalation

A vulnerability has been found in FFmpeg up to 1.2 (Multimedia Processing Software) and classified as problematic. It affects the function copy_cell/decode_cell in the file libavcodec/indeo3.c. Upgrading to version 9.6 eliminates this vulnerability. Applying the patch also eliminates the problem; the bugfix is available for download at git.videolan.org. Patching the affected component is the recommended mitigation. A possible mitigation was published immediately after the disclosure of the vulnerability.

| Field | 08/06/2013 11:26 AM | 05/08/2018 08:59 AM |
|---|---|---|
| name | FFmpeg | FFmpeg |
| version | <=1.2 | <=1.2 |
| file | libavcodec/indeo3.c | libavcodec/indeo3.c |
| function | copy_cell/decode_cell | copy_cell/decode_cell |
| risk | 1 | 1 |
| cvss2_vuldb_basescore | 4.1 | 4.1 |
| cvss2_vuldb_tempscore | 3.6 | 3.6 |
| cvss3_meta_basescore | 5.3 | 5.3 |
| cvss3_meta_tempscore | 5.1 | 5.1 |
| cvss3_vuldb_basescore | 5.3 | 5.3 |
| cvss3_vuldb_tempscore | 5.1 | 5.1 |
| date | 1367280000 (04/30/2013) | 1367280000 (04/30/2013) |
| location | GIT Repository | GIT Repository |
| type | GIT Commit | GIT Commit |
| url | http://git.videolan.org/gitweb.cgi/ffmpeg.git/?p=ffmpeg.git;a=commit;h=95220be1faac628d849a004644c0d102df0aa98b | http://git.videolan.org/gitweb.cgi/ffmpeg.git/?p=ffmpeg.git;a=commit;h=95220be1faac628d849a004644c0d102df0aa98b |
| identifier | indeo3: fix off by one in MV validity check | indeo3: fix off by one in MV validity check |
| disputed | 0 | 0 |
| price_0day | $0-$5k | $0-$5k |
| name | Patch | Patch |
| date | 1367280000 (04/30/2013) | 1367280000 (04/30/2013) |
| upgrade_version | 9.6 | 9.6 |
| patch_url | http://git.videolan.org/gitweb.cgi/ffmpeg.git/?p=ffmpeg.git;a=commit;h=95220be1faac628d849a004644c0d102df0aa98b | http://git.videolan.org/gitweb.cgi/ffmpeg.git/?p=ffmpeg.git;a=commit;h=95220be1faac628d849a004644c0d102df0aa98b |
| osvdb | 95370 | 95370 |
| seealso | 9840 9839 9838 9837 | 9840 9839 9838 9837 |
| cvss2_vuldb_e | ND | ND |
| cvss2_vuldb_rl | OF | OF |
| cvss2_vuldb_rc | C | C |
| cvss3_vuldb_e | X | X |
| cvss3_vuldb_rl | O | O |
| cvss3_vuldb_rc | C | C |
| cvss2_vuldb_av | L | L |
| cvss2_vuldb_ac | M | M |
| cvss2_vuldb_au | S | S |
| cvss2_vuldb_ci | P | P |
| cvss2_vuldb_ii | P | P |
| cvss2_vuldb_ai | P | P |
| cvss3_vuldb_av | L | L |
| cvss3_vuldb_ac | L | L |
| cvss3_vuldb_pr | L | L |
| cvss3_vuldb_ui | N | N |
| cvss3_vuldb_s | U | U |
| cvss3_vuldb_c | L | L |
| cvss3_vuldb_i | L | L |
| cvss3_vuldb_a | L | L |

type: Multimedia Processing Software
