CVE-2015-8663 - OpenCVE

The ff_get_buffer function in libavcodec/utils.c in FFmpeg before 2.8.4 preserves width and height values after a failure, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via a crafted .mov file.

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:N/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Ffmpeg	Ffmpeg

Configuration 1 [-]

cpe:2.3:a:ffmpeg:ffmpeg:2.8.3:*:*:*:*:*:*:*

References

Link	Resource
http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=abee0a1c60612e8638640a8a3738fffb65e16dbf
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00004.html
http://www.securitytracker.com/id/1034539
https://lists.debian.org/debian-lts-announce/2018/12/msg00009.html

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2015-12-24T01:00:00

Updated: 2018-12-21T10:57:01

Reserved: 2015-12-23T00:00:00

Link: CVE-2015-8663

JSON object: View

NVD Information

Status : Modified

Published: 2015-12-24T01:59:06.020

Modified: 2023-11-07T02:28:38.097

Link: CVE-2015-8663

JSON object: View

Redhat Information

No data.

CWE

CWE-119

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2015-12-23T00:00:00", "descriptions": [{"lang": "en", "value": "The ff_get_buffer function in libavcodec/utils.c in FFmpeg before 2.8.4 preserves width and height values after a failure, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via a crafted .mov file."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-12-21T10:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "1034539", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1034539"}, {"name": "[debian-lts-announce] 20181220 [SECURITY] [DLA 1611-1] libav security update", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.debian.org/debian-lts-announce/2018/12/msg00009.html"}, {"name": "openSUSE-SU-2016:0089", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00004.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=abee0a1c60612e8638640a8a3738fffb65e16dbf"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2015-8663", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The ff_get_buffer function in libavcodec/utils.c in FFmpeg before 2.8.4 preserves width and height values after a failure, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via a crafted .mov file."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "1034539", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1034539"}, {"name": "[debian-lts-announce] 20181220 [SECURITY] [DLA 1611-1] libav security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2018/12/msg00009.html"}, {"name": "openSUSE-SU-2016:0089", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00004.html"}, {"name": "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=abee0a1c60612e8638640a8a3738fffb65e16dbf", "refsource": "CONFIRM", "url": "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=abee0a1c60612e8638640a8a3738fffb65e16dbf"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2015-8663", "datePublished": "2015-12-24T01:00:00", "dateReserved": "2015-12-23T00:00:00", "dateUpdated": "2018-12-21T10:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.8.3:*:*:*:*:*:*:*", "matchCriteriaId": "CCA6A474-DA24-4510-8AAA-5DF2E85B4D88", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The ff_get_buffer function in libavcodec/utils.c in FFmpeg before 2.8.4 preserves width and height values after a failure, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via a crafted .mov file."}, {"lang": "es", "value": "La funci\u00f3n ff_get_buffer en libavcodec/utils.c en FFmpeg en versiones anteriores a la 2.8.4 mantiene los valores de anchura y altura despu\u00e9s de un fallo, lo que permite a atacantes remotos causar una denegaci\u00f3n de servicio (acceso al array fuera de rango) o posiblemente tener otro impacto no especificad a trav\u00e9s de un archivo .mov manipulado."}], "id": "CVE-2015-8663", "lastModified": "2023-11-07T02:28:38.097", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary"}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 8.3, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 3.7, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2015-12-24T01:59:06.020", "references": [{"source": "cve@mitre.org", "url": "http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=abee0a1c60612e8638640a8a3738fffb65e16dbf"}, {"source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00004.html"}, {"source": "cve@mitre.org", "url": "http://www.securitytracker.com/id/1034539"}, {"source": "cve@mitre.org", "url": "https://lists.debian.org/debian-lts-announce/2018/12/msg00009.html"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}]}