CVE-2014-4610 — Vulnetix

Try Vulnetix Request Demo

CVE-2014-4610 PUBLISHED CVSS 8.800000190734863 HIGH

Integer overflow in the get_len function in libavutil/lzo.c in FFmpeg before 0.10.14, 1.1.x before 1.1.12, 1.2.x before 1.2.7, 2.0.x before 2.0.5, 2.1.x before 2.1.5, and 2.2.x before 2.2.4 allows remote attackers to execute arbitrary code via a crafted Literal Run.

EPSS 2.98% · 86.4th percentile

Risk Scores

CVSS v3.1

8.800000190734863

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS Score

2.98%

86.4th percentile

Affected Products

Vendor	Product	Versions
n/a	n/a	n/a
ffmpeg	ffmpeg	0, 1.1, 1.2

Timeline

Jan 14, 2020 CVE Published
Feb 4, 2022 EPSS Score
Mar 7, 2023 EPSS Score
Jun 3, 2023 EPSS Score
Oct 1, 2023 EPSS Score
Aug 6, 2024 CVE Updated
Dec 17, 2024 EPSS Score
Mar 17, 2025 EPSS Score
Mar 29, 2025 EPSS Score
Mar 30, 2025 EPSS Score
Mar 31, 2025 EPSS Score
Apr 13, 2025 EPSS Score

References

Open in Interactive Console →