CVE-2008-3162 - OpenCVE

Stack-based buffer overflow in the str_read_packet function in libavformat/psxstr.c in FFmpeg before r13993 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a crafted STR file that interleaves audio and video sectors.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:M/Au:N/C:C/I:C/A:C

Vendors & Products
CPE Configurations

Vendors	Products
Ffmpeg	Ffmpeg

Configuration 1 [-]

OR	cpe:2.3:a:ffmpeg:ffmpeg:0.3:::::::*
	cpe:2.3:a:ffmpeg:ffmpeg:0.3.1:::::::*
	cpe:2.3:a:ffmpeg:ffmpeg:0.3.2:::::::*
	cpe:2.3:a:ffmpeg:ffmpeg:0.3.3:::::::*
	cpe:2.3:a:ffmpeg:ffmpeg:0.3.4:::::::*
	cpe:2.3:a:ffmpeg:ffmpeg:0.4.0:::::::*
	cpe:2.3:a:ffmpeg:ffmpeg:0.4.2:::::::*
	cpe:2.3:a:ffmpeg:ffmpeg:0.4.3:::::::*
	cpe:2.3:a:ffmpeg:ffmpeg:0.4.4:::::::*
	cpe:2.3:a:ffmpeg:ffmpeg:0.4.5:::::::*
	cpe:2.3:a:ffmpeg:ffmpeg:0.4.6:::::::*
	cpe:2.3:a:ffmpeg:ffmpeg:0.4.7:::::::*
	cpe:2.3:a:ffmpeg:ffmpeg:0.4.8:::::::*
	cpe:2.3:a:ffmpeg:ffmpeg:0.4.9:::::::*

References

Link	Resource
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=489965
http://secunia.com/advisories/30994	Vendor Advisory
http://secunia.com/advisories/31268
http://secunia.com/advisories/34385
http://secunia.com/advisories/34905
http://security.gentoo.org/glsa/glsa-200903-33.xml
http://svn.mplayerhq.hu/ffmpeg?view=rev&revision=13993
http://www.debian.org/security/2009/dsa-1781
http://www.mandriva.com/security/advisories?name=MDVSA-2008:157
http://www.openwall.com/lists/oss-security/2008/07/09/9
http://www.openwall.com/lists/oss-security/2008/07/16/4
http://www.securityfocus.com/bid/30154
http://www.ubuntu.com/usn/usn-630-1
http://www.vupen.com/english/advisories/2008/2031/references
https://roundup.mplayerhq.hu/roundup/ffmpeg/issue311

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2008-07-14T23:00:00

Updated: 2008-07-28T09:00:00

Reserved: 2008-07-14T00:00:00

Link: CVE-2008-3162

JSON object: View

NVD Information

Status : Modified

Published: 2008-07-14T23:41:00.000

Modified: 2018-10-30T16:25:34.370

Link: CVE-2008-3162

JSON object: View

Redhat Information

No data.

CWE

CWE-119

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2008-07-09T00:00:00", "descriptions": [{"lang": "en", "value": "Stack-based buffer overflow in the str_read_packet function in libavformat/psxstr.c in FFmpeg before r13993 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a crafted STR file that interleaves audio and video sectors."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2008-07-28T09:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "30154", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/30154"}, {"name": "USN-630-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/usn-630-1"}, {"name": "DSA-1781", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2009/dsa-1781"}, {"name": "[oss-security] 20080710 CVE id request: libavformat", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2008/07/09/9"}, {"name": "31268", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/31268"}, {"name": "30994", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/30994"}, {"name": "ADV-2008-2031", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2008/2031/references"}, {"name": "34905", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/34905"}, {"name": "[oss-security] 20080716 Re: CVE id request: libavformat", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2008/07/16/4"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://roundup.mplayerhq.hu/roundup/ffmpeg/issue311"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=489965"}, {"name": "34385", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/34385"}, {"name": "GLSA-200903-33", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "http://security.gentoo.org/glsa/glsa-200903-33.xml"}, {"name": "MDVSA-2008:157", "tags": ["vendor-advisory", "x_refsource_MANDRIVA"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:157"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://svn.mplayerhq.hu/ffmpeg?view=rev&revision=13993"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2008-3162", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Stack-based buffer overflow in the str_read_packet function in libavformat/psxstr.c in FFmpeg before r13993 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a crafted STR file that interleaves audio and video sectors."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "30154", "refsource": "BID", "url": "http://www.securityfocus.com/bid/30154"}, {"name": "USN-630-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/usn-630-1"}, {"name": "DSA-1781", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2009/dsa-1781"}, {"name": "[oss-security] 20080710 CVE id request: libavformat", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2008/07/09/9"}, {"name": "31268", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31268"}, {"name": "30994", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30994"}, {"name": "ADV-2008-2031", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/2031/references"}, {"name": "34905", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/34905"}, {"name": "[oss-security] 20080716 Re: CVE id request: libavformat", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2008/07/16/4"}, {"name": "https://roundup.mplayerhq.hu/roundup/ffmpeg/issue311", "refsource": "CONFIRM", "url": "https://roundup.mplayerhq.hu/roundup/ffmpeg/issue311"}, {"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=489965", "refsource": "CONFIRM", "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=489965"}, {"name": "34385", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/34385"}, {"name": "GLSA-200903-33", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-200903-33.xml"}, {"name": "MDVSA-2008:157", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:157"}, {"name": "http://svn.mplayerhq.hu/ffmpeg?view=rev&revision=13993", "refsource": "CONFIRM", "url": "http://svn.mplayerhq.hu/ffmpeg?view=rev&revision=13993"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2008-3162", "datePublished": "2008-07-14T23:00:00", "dateReserved": "2008-07-14T00:00:00", "dateUpdated": "2008-07-28T09:00:00", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.3:*:*:*:*:*:*:*", "matchCriteriaId": "B2649A80-4739-4BBB-AB0B-99AD435BE7CF", "vulnerable": true}, {"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "D4A2E77D-B826-4B49-ADC8-7F704E149A5A", "vulnerable": true}, {"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "18157837-4550-45E3-A12E-AE06E047E253", "vulnerable": true}, {"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "E9F42611-C3E2-416B-9AE7-A5AE83E4DEF7", "vulnerable": true}, {"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.3.4:*:*:*:*:*:*:*", "matchCriteriaId": "3A20789F-26E3-4871-B24E-25E922BADDF0", "vulnerable": true}, {"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "67C6C243-3ACC-49C3-80CA-D7CA8FEFF0D8", "vulnerable": true}, {"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "6AE6D368-0BA6-4499-B7E1-EE16C03012E9", "vulnerable": true}, {"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "26C0F6EF-0452-4AFE-AF3E-B88F963A0938", "vulnerable": true}, {"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "5B4DD372-4D3B-445C-8C38-E083A3C0D4A7", "vulnerable": true}, {"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.4.5:*:*:*:*:*:*:*", "matchCriteriaId": "733C03D7-2780-4D69-A98D-BCFB91D1119A", "vulnerable": true}, {"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.4.6:*:*:*:*:*:*:*", "matchCriteriaId": "0AEE1977-E9E0-4BFF-B33B-B083E49E51F1", "vulnerable": true}, {"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.4.7:*:*:*:*:*:*:*", "matchCriteriaId": "E6979C17-0BC6-47D1-9B73-254D84306A96", "vulnerable": true}, {"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.4.8:*:*:*:*:*:*:*", "matchCriteriaId": "204C7C05-3441-4DB0-8702-D99C8FCB381E", "vulnerable": true}, {"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.4.9:*:*:*:*:*:*:*", "matchCriteriaId": "5CD897CA-4F73-437B-9649-951DD2D37B51", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Stack-based buffer overflow in the str_read_packet function in libavformat/psxstr.c in FFmpeg before r13993 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a crafted STR file that interleaves audio and video sectors."}, {"lang": "es", "value": "Desbordamiento de b\u00fafer basado en pila en la funci\u00f3n str_read_packet de libavformat/psxstr.c de FFmpeg anterior a r13993 , permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda de la aplicaci\u00f3n) o ejecutar c\u00f3digo de su elecci\u00f3n mediante un fichero STR manipulado que intercala los sectores de audio y v\u00eddeo."}], "id": "CVE-2008-3162", "lastModified": "2018-10-30T16:25:34.370", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2008-07-14T23:41:00.000", "references": [{"source": "cve@mitre.org", "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=489965"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/30994"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/31268"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/34385"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/34905"}, {"source": "cve@mitre.org", "url": "http://security.gentoo.org/glsa/glsa-200903-33.xml"}, {"source": "cve@mitre.org", "url": "http://svn.mplayerhq.hu/ffmpeg?view=rev&revision=13993"}, {"source": "cve@mitre.org", "url": "http://www.debian.org/security/2009/dsa-1781"}, {"source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:157"}, {"source": "cve@mitre.org", "url": "http://www.openwall.com/lists/oss-security/2008/07/09/9"}, {"source": "cve@mitre.org", "url": "http://www.openwall.com/lists/oss-security/2008/07/16/4"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/30154"}, {"source": "cve@mitre.org", "url": "http://www.ubuntu.com/usn/usn-630-1"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2008/2031/references"}, {"source": "cve@mitre.org", "url": "https://roundup.mplayerhq.hu/roundup/ffmpeg/issue311"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}]}