CVE-2013-4265

high

Description

The av_reallocp_array function in libavutil/mem.c in FFmpeg before 2.0.1 has an unspecified impact and remote vectors related to a "wrong return code" and a resultant NULL pointer dereference.

References

http://www.ffmpeg.org/security.html

http://www.openwall.com/lists/oss-security/2013/08/21/11

https://github.com/FFmpeg/FFmpeg/commit/c94f9e854228e0ea00e1de8769d8d3f7cab84a55

https://security.gentoo.org/glsa/201603-06

Details

Source: MITRE

Published: 2013-11-23

Updated: 2016-12-03

Risk Information

CVSS v2

Base Score: 10

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 10

Severity: HIGH