CVE-2013-3671 — Vulnetix

CVE-2013-3671 PUBLISHED CVSS 4.300000190734863 MEDIUM

The format_line function in log.c in libavutil in FFmpeg before 1.2.1 uses inapplicable offset data during a certain category calculation, which allows remote attackers to cause a denial of service (invalid pointer dereference and application crash) via crafted data that triggers a log message.

EPSS 0.50% · 66.4th percentile

Risk Scores

CVSS 2.0

4.300000190734863

EPSS Score

0.50%

66.4th percentile

Affected Products

Vendor	Product	Versions
ffmpeg	ffmpeg	0
n/a	n/a	*

Exploit Intelligence

http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=7edb984dd051b6919d7d8471c70499273f31b0fa (circl)
http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=cc0dd86580b3257f22a4981a79eb5fa6804182b6 (circl)
http://ffmpeg.org/security.html (circl)

Timeline

Jun 10, 2013 CVE Published
Feb 4, 2022 EPSS Score
Mar 29, 2022 EPSS Score
May 20, 2022 EPSS Score
Jul 12, 2022 EPSS Score
Sep 3, 2022 EPSS Score
Oct 26, 2022 EPSS Score
Dec 18, 2022 EPSS Score
Feb 8, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Apr 2, 2023 EPSS Score
May 25, 2023 EPSS Score

References

http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=7edb984dd051b6919d7d8471c70499273f31b0fa url
http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=cc0dd86580b3257f22a4981a79eb5fa6804182b6 url
http://ffmpeg.org/security.html url
https://nvd.nist.gov/vuln/detail/CVE-2013-3671 advisory
http://git.videolan.org/?p=ffmpeg.git;a=commit;h=7edb984dd051b6919d7d8471c70499273f31b0fa url
http://git.videolan.org/?p=ffmpeg.git;a=commit;h=cc0dd86580b3257f22a4981a79eb5fa6804182b6 url

Open in Interactive Console →