CVE-2013-2276 in FFmpeginfo

Summary

The avcodec_decode_audio4 function in utils.c in libavcodec in FFmpeg before 1.1.3 does not verify the decoding state before proceeding with certain skip operations, which allows remote attackers to cause a denial of service (out-of-bounds array access and application crash) or possibly have unspecified other impact via crafted audio data.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Reservation

02/26/2013

Disclosure

02/27/2013

Moderation

VulDB entry created

Entries

VDB-63649 (1)

CPE

ready

CWE

CWE-119 (Confirmed)

CVSS

7.3

EPSS

0.00460

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2013-2276
NVD	https://nvd.nist.gov/vuln/detail/CVE-2013-2276
CVE Details	https://www.cvedetails.com/cve/CVE-2013-2276/

◂ Previous Overview Next ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!