Executive Summary
Summary | |
---|---|
Title | FFmpeg: Multiple vulnerabilities |
Informations | |||
---|---|---|---|
Name | GLSA-201603-06 | First vendor Publication | 2016-03-12 |
Vendor | Gentoo | Last vendor Modification | 2016-03-12 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 10 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Synopsis Multiple vulnerabilities have been found in FFmpeg, the worst of which could lead to arbitrary code execution or Denial of Service condition. Background Description Impact Workaround Resolution References Availability https://security.gentoo.org/glsa/201603-06 |
Original Source
Url : http://security.gentoo.org/glsa/glsa-201603-06.xml |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
61 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
21 % | CWE-189 | Numeric Errors (CWE/SANS Top 25) |
16 % | CWE-20 | Improper Input Validation |
2 % | CWE-399 | Resource Management Errors |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:20139 | |||
Oval ID: | oval:org.mitre.oval:def:20139 | ||
Title: | DSA-2793-1 libav - several | ||
Description: | Several security issues have been corrected in multiple demuxers and decoders of the libav multimedia library. The CVE IDs mentioned above are just a small portion of the security issues fixed in this update. A full list of the changes is available at <a href="http://git.libav.org/?p=libav.git;a=blob;f=Changelog;hb=refs/tags/v0.8.9">http://git.libav.org/?p=libav.git;a=blob;f=Changelog;hb=refs/tags/v0.8.9</a> | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2793-1 CVE-2013-0844 CVE-2013-0850 CVE-2013-0853 CVE-2013-0854 CVE-2013-0857 CVE-2013-0858 CVE-2013-0866 | Version: | 5 |
Platform(s): | Debian GNU/Linux 7 Debian GNU/kFreeBSD 7 | Product(s): | libav |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22212 | |||
Oval ID: | oval:org.mitre.oval:def:22212 | ||
Title: | DSA-2855-1 libav - several | ||
Description: | Several security issues have been corrected in multiple demuxers an decoders of the libav multimedia library. The IDs mentioned above are just a portion of the security issues fixed in this update. A full list of the changes is available at<a href="http://git.libav.org/?p=libav.git;a=blob;f=Changelog;hb=refs/tags/v0.8.10">http://git.libav.org/?p=libav.git;a=blob;f=Changelog;hb=refs/tags/v0.8.10</a> | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2855-1 CVE-2011-3944 CVE-2013-0845 CVE-2013-0846 CVE-2013-0849 CVE-2013-0865 CVE-2013-7010 CVE-2013-7014 CVE-2013-7015 | Version: | 5 |
Platform(s): | Debian GNU/Linux 7 Debian GNU/kFreeBSD 7 | Product(s): | libav |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:26327 | |||
Oval ID: | oval:org.mitre.oval:def:26327 | ||
Title: | DSA-3027-1 libav - security update | ||
Description: | Several security issues have been corrected in multiple demuxers and decoders of the libav multimedia library. A full list of the changes is available at <a href="http://git.libav.org/?p=libav.git;a=blob;f=Changelog;hb=refs/tags/v0.8.15">http://git.libav.org/?p=libav.git;a=blob;f=Changelog;hb=refs/tags/v0.8.15</a> | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-3027-1 CVE-2013-7020 | Version: | 3 |
Platform(s): | Debian GNU/Linux 7.0 Debian GNU/kFreeBSD 7.0 | Product(s): | libav |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:26464 | |||
Oval ID: | oval:org.mitre.oval:def:26464 | ||
Title: | DSA-3003-1 libav - security update | ||
Description: | Several security issues have been corrected in multiple demuxers and decoders of the libav multimedia library. A full list of the changes is available at <a href="http://git.libav.org/?p=libav.git;a=blob;f=Changelog;hb=refs/tags/v0.8.15">http://git.libav.org/?p=libav.git;a=blob;f=Changelog;hb=refs/tags/v0.8.15</a> | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-3003-1 CVE-2011-3934 CVE-2011-3935 CVE-2011-3946 CVE-2013-0848 CVE-2013-0851 CVE-2013-0852 CVE-2013-0860 CVE-2013-0868 CVE-2013-3672 CVE-2013-3674 CVE-2014-2263 | Version: | 3 |
Platform(s): | Debian GNU/Linux 7.0 Debian GNU/kFreeBSD 7.0 | Product(s): | libav |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2017-05-10 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201705-08.nasl - Type : ACT_GATHER_INFO |
2016-04-05 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2944-1.nasl - Type : ACT_GATHER_INFO |
2016-03-14 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201603-06.nasl - Type : ACT_GATHER_INFO |
2015-09-02 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_80c66af0d1c5449ebd3163b12525ff88.nasl - Type : ACT_GATHER_INFO |
2015-06-15 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-3288.nasl - Type : ACT_GATHER_INFO |
2015-06-02 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_65b14d39d01f419cb0b85df60b929973.nasl - Type : ACT_GATHER_INFO |
2015-06-02 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_022255be089511e5a2425404a68ad561.nasl - Type : ACT_GATHER_INFO |
2015-04-06 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_2f75141cda1d11e48d325404a68ad561.nasl - Type : ACT_GATHER_INFO |
2015-03-31 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2015-173.nasl - Type : ACT_GATHER_INFO |
2015-03-18 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2534-1.nasl - Type : ACT_GATHER_INFO |
2015-03-17 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-3189.nasl - Type : ACT_GATHER_INFO |
2015-03-09 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2015-204.nasl - Type : ACT_GATHER_INFO |
2015-02-18 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201502-13.nasl - Type : ACT_GATHER_INFO |
2015-02-09 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201502-08.nasl - Type : ACT_GATHER_INFO |
2015-01-28 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2015-0093.nasl - Type : ACT_GATHER_INFO |
2015-01-27 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2476-1.nasl - Type : ACT_GATHER_INFO |
2015-01-23 | Name : The remote Mac OS X host contains a web browser that is affected by multiple ... File : macosx_google_chrome_40_0_2214_91.nasl - Type : ACT_GATHER_INFO |
2015-01-23 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : google_chrome_40_0_2214_91.nasl - Type : ACT_GATHER_INFO |
2015-01-22 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_e30e0c99a1b711e4b85c00262d5ed8ee.nasl - Type : ACT_GATHER_INFO |
2014-11-26 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2014-227.nasl - Type : ACT_GATHER_INFO |
2014-09-19 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-3027.nasl - Type : ACT_GATHER_INFO |
2014-08-12 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-3003.nasl - Type : ACT_GATHER_INFO |
2014-07-10 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2014-129.nasl - Type : ACT_GATHER_INFO |
2014-02-06 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2855.nasl - Type : ACT_GATHER_INFO |
2013-11-11 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2793.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2016-03-15 13:25:11 |
|
2016-03-12 13:32:05 |
|
2016-03-12 13:24:37 |
|