CVE-2013-0861

medium

Description

The avcodec_decode_audio4 function in libavcodec/utils.c in FFmpeg before 1.0.4 and 1.1.x before 1.1.1 allows remote attackers to trigger memory corruption via vectors related to the channel layout.

References

http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=43c6b45a53a186a187f7266e4d6bd3c2620519f1

http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=4cd1dad91ae97fe1f0dd534c3f5566787566f137

http://www.ffmpeg.org/security.html

https://security.gentoo.org/glsa/201603-06

Details

Source: MITRE

Published: 2013-11-23

Updated: 2016-12-03

Type: CWE-119

Risk Information

CVSS v2

Base Score: 5

Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N

Impact Score: 2.9

Exploitability Score: 10

Severity: MEDIUM