PT-2013-6233 · FFmpeg · Ffmpeg
Ami_Stuff
·
Publicado
2013-12-09
·
Atualizado
2016-12-03
·
CVE-2013-7013
CVSS v2.0
6.8
Média
| Vetor | AV:N/AC:M/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
FFmpeg versions prior to 2.1
Description
The issue is related to the g2m init buffers function in libavcodec/g2meet.c, which uses an incorrect ordering of arithmetic operations. This can be exploited by remote attackers using crafted Go2Webinar data, potentially causing a denial of service due to out-of-bounds array access or having other unspecified impacts.
Recommendations
For versions prior to 2.1, update to version 2.1 or later to resolve the issue.
Exploit
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Ffmpeg