Multiple vulnerabilities in FFmpeg



Updated: 2018-07-26
Risk: Low
Patch available: YES
Number of vulnerabilities: 7
CVE-ID: CVE-2018-6392, CVE-2018-6621, CVE-2018-7557, CVE-2018-10001, CVE-2018-12458, CVE-2018-13300, CVE-2018-13302
CWE-ID: CWE-125, CWE-617
Exploitation vector: Network
Public exploit: N/A
Vulnerable software: FFmpeg (Universal components / Libraries / Libraries used by multiple products)
Vendor: ffmpeg.sourceforge.net

Security Bulletin

This security bulletin contains information about 7 vulnerabilities.

1) Out-of-bounds read

EUVDB-ID: #VU14014

Risk: Low

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2018-6392

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote unauthenticated attacker to cause a DoS condition.

The vulnerability exists in the filter_slice function in libavfilter/vf_transpose.c due to insufficient input validation. A remote attacker can trick the victim into opening a specially crafted MP4 file that submits malicious input, trigger an out-of-bounds read and cause the service to crash.

Mitigation

Update to version 3.4.2.

Vulnerable software versions

FFmpeg: 0.3 - 3.4.1

External links

https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/3f621455d62e46745453568d915badd5b1e5bcd5
https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/c6939f65a116b1ffed345d29d8621ee4ffb32235


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Out-of-bounds read

EUVDB-ID: #VU14015

Risk: Low

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2018-6621

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote unauthenticated attacker to cause a DoS condition.

The vulnerability exists in the decode_frame function in libavcodec/utvideodec.c due to insufficient input validation. A remote attacker can trick the victim into opening a specially crafted AVI file that submits malicious input, trigger an out-of-bounds read and cause the service to crash.

Mitigation

Update to version 3.4.2.

Vulnerable software versions

FFmpeg: 0.3 - 3.4.2

External links

https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/118e1b0b3370dd1c0da442901b486689efd1654b


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Out-of-bounds read

EUVDB-ID: #VU11307

Risk: Low

CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2018-7557

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to cause a DoS condition on the target system.

The weakness exists in the decode_init function due to an out-of-bounds read. A remote attacker can trick the victim into opening a specially crafted Audio Video Interleave (AVI) file with the affected application, trigger memory corruption and cause the service to crash.

Mitigation

Install update from vendor's website.

Vulnerable software versions

FFmpeg: 0.5 - 3.4.2

External links

https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/7414d0bda7763f9bd69c26c068e482ab297c1c96


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Out-of-bounds read

EUVDB-ID: #VU14016

Risk: Low

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2018-10001

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote unauthenticated attacker to cause a DoS condition.

The vulnerability exists in the decode_init function in libavcodec/utvideodec.c due to insufficient input validation. A remote attacker can trick the victim into opening a specially crafted AVI file that submits malicious input, trigger an out-of-bounds read and cause the service to crash.

Mitigation

Update to version 3.4.3.

Vulnerable software versions

FFmpeg: 0.3 - 3.4.2

External links

https://git.videolan.org/?p=ffmpeg.git;a=commit;h=47b7c68ae54560e2308bdb6be4fb076c73b93081


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Assertion violation

EUVDB-ID: #VU14017

Risk: Low

CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2018-12458

CWE-ID: CWE-617 - Reachable Assertion

Exploit availability: No

Description

The vulnerability allows a remote attacker to cause a DoS condition on the target system.

The vulnerability exists due to an improper integer type in the mpeg4_encode_gop_header function in libavcodec/mpeg4videoenc.c. A remote attacker can supply a specially crafted AVI file, trick the victim into converting it to MPEG4, trigger an assertion violation and cause the service to crash.

Mitigation

Update to version 4.0.1.

Vulnerable software versions

FFmpeg: 4.0.0

External links

https://github.com/FFmpeg/FFmpeg/commit/e1182fac1afba92a4975917823a5f644bee7e6e8


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Out-of-bounds read

EUVDB-ID: #VU14018

Risk: Low

CVSSv4.0: 4.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2018-13300

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to cause a DoS condition on the target system.

The vulnerability exists due to an improper argument (AVCodecParameters) passed to the avpriv_request_sample function in the handle_eac3 function in libavformat/movenc.c. A remote attacker can supply a specially crafted AVI file, trick the victim into converting it to MPEG4, trigger an out-of-bounds read and cause the service to crash or possibly access arbitrary data.

Mitigation

Update to version 4.0.2.

Vulnerable software versions

FFmpeg: 4.0.1

External links

https://github.com/FFmpeg/FFmpeg/commit/95556e27e2c1d56d9e18f5db34d6f756f3011148


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Out-of-bounds read

EUVDB-ID: #VU14019

Risk: Low

CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2018-13302

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to cause a DoS condition on the target system.

The vulnerability exists due to improper handling of frame types of multiple independent substreams in the handle_eac3 function in libavformat/movenc.c (EAC3_FRAME_TYPE_INDEPENDENT). A remote attacker can supply a specially crafted AVI file, trick the victim into converting it to MPEG4, trigger an out-of-bounds read and cause the service to crash.

Mitigation

Update to version 4.0.2.

Vulnerable software versions

FFmpeg: 4.0.1

External links

https://github.com/FFmpeg/FFmpeg/commit/ed22dc22216f74c75ee7901f82649e1ff725ba50


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


