CVE-2014-5271 — Vulnetix

Try Vulnetix Request Demo

CVE-2014-5271 PUBLISHED CVSS 7.5 HIGH

Heap-based buffer overflow in the encode_slice function in libavcodec/proresenc_kostya.c in FFMpeg before 1.1.14, 1.2.x before 1.2.8, 2.x before 2.2.7, and 2.3.x before 2.3.3 and Libav before 10.5 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via unspecified vectors.

EPSS 13.02% · 94.0th percentile

Risk Scores

CVSS v2.0

7.5

EPSS Score

13.02%

94.0th percentile

Affected Products

Vendor	Product	Versions
n/a	n/a	n/a
ffmpeg	ffmpeg	0, 1.1, 1.1.1
libav	libav	0, 0.5, 0.5.1

Timeline

Nov 3, 2014 CVE Published
Feb 4, 2022 EPSS Score
Mar 28, 2022 EPSS Score
May 19, 2022 EPSS Score
Sep 1, 2022 EPSS Score
Oct 23, 2022 EPSS Score
Dec 14, 2022 EPSS Score
Feb 4, 2023 EPSS Score
Mar 28, 2023 EPSS Score
Jul 10, 2023 EPSS Score
Aug 31, 2023 EPSS Score
Oct 22, 2023 EPSS Score

References

111725 vdb
69250 vdb
http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=52b81ff4635c077b2bc8b8d3637d933b6629d803 url
GLSA-201603-06 vendor-advisory
https://www.ffmpeg.org/security.html url
https://nvd.nist.gov/vuln/detail/CVE-2014-5271 advisory
http://git.videolan.org/?p=ffmpeg.git;a=commit;h=52b81ff4635c077b2bc8b8d3637d933b6629d803 url

Open in Interactive Console →