what you don't know can hurt you
Showing 1 - 3 of 3 RSS Feed

CVE-2014-4609

Status Candidate

Overview

Integer overflow in the get_len function in libavutil/lzo.c in Libav before 0.8.13, 9.x before 9.14, and 10.x before 10.2 allows remote attackers to execute arbitrary code via a crafted Literal Run.

Related Files

Gentoo Linux Security Advisory 201502-08
Posted Feb 9, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201502-8 - Multiple vulnerabilities have been found in Libav, allowing attackers to execute arbitrary code or cause Denial of Service. Versions less than 9.17 are affected.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2011-3934, CVE-2011-3935, CVE-2011-3946, CVE-2013-0848, CVE-2013-0851, CVE-2013-0852, CVE-2013-0860, CVE-2013-0868, CVE-2013-3672, CVE-2013-3674, CVE-2014-4609
MD5 | ae166207a2c30281785e22b2989d13a8
Debian Security Advisory 2977-1
Posted Jul 13, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2977-1 - Don A. Baley discovered an integer overflow in the lzo compression handler which could result in the execution of arbitrary code.

tags | advisory, overflow, arbitrary
systems | linux, debian
advisories | CVE-2014-4609
MD5 | 3b56d81d7e1d8a0ebb1e5158028e8656
Mandriva Linux Security Advisory 2014-129
Posted Jul 9, 2014
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2014-129 - Multiple unspecified vulnerabilities in libavcodec/wmalosslessdec.c in FFmpeg before 0.11 have unknown impact and attack vectors related to in decode_ac_filter, and (3) too many bits in decode_channel_residues(). libavcodec/wmalosslessdec.c in FFmpeg before 2.1.4 uses an incorrect data-structure size for certain coefficients, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted WMA data. The msrle_decode_frame function in libavcodec/msrle.c in FFmpeg before 2.1.4 does not properly calculate line sizes, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted Microsoft RLE video data. The mpegts_write_pmt function in the MPEG2 transport stream muxer in FFmpeg, possibly 2.1 and earlier, allows remote attackers to have unspecified impact and vectors, which trigger an out-of-bounds write. A use-after-free vulnerability in FFmpeg before 1.1.9 involving seek operations on video data could allow remote attackers to cause a denial of service. An integer overflow can occur when processing any variant of a literal run in the av_lzo1x_decode function. The updated packages have been upgraded to the 0.10.14 version which is not vulnerable to these issues.

tags | advisory, remote, denial of service, overflow, vulnerability
systems | linux, mandriva
advisories | CVE-2012-2795, CVE-2012-5150, CVE-2014-2098, CVE-2014-2099, CVE-2014-2263, CVE-2014-4609, CVE-2014-4610
MD5 | 69a4199b904688c66efd700dbe4f506d
Page 1 of 1
Back1Next

File Archive:

June 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    35 Files
  • 2
    Jun 2nd
    14 Files
  • 3
    Jun 3rd
    40 Files
  • 4
    Jun 4th
    22 Files
  • 5
    Jun 5th
    1 Files
  • 6
    Jun 6th
    1 Files
  • 7
    Jun 7th
    19 Files
  • 8
    Jun 8th
    14 Files
  • 9
    Jun 9th
    39 Files
  • 10
    Jun 10th
    20 Files
  • 11
    Jun 11th
    22 Files
  • 12
    Jun 12th
    2 Files
  • 13
    Jun 13th
    1 Files
  • 14
    Jun 14th
    32 Files
  • 15
    Jun 15th
    34 Files
  • 16
    Jun 16th
    9 Files
  • 17
    Jun 17th
    33 Files
  • 18
    Jun 18th
    11 Files
  • 19
    Jun 19th
    1 Files
  • 20
    Jun 20th
    3 Files
  • 21
    Jun 21st
    2 Files
  • 22
    Jun 22nd
    21 Files
  • 23
    Jun 23rd
    19 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close