#VU110590 Buffer overflow in FFmpeg - CVE-2015-3395
Vulnerability identifier: #VU110590
Vulnerability risk: Medium
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID:
CWE-ID:
CWE-119
Exploitation vector: Network
Exploit availability: No
Vulnerable software:
FFmpeg
Universal components / Libraries /
Libraries used by multiple products
Vendor: ffmpeg.sourceforge.net
Description
The vulnerability allows a remote non-authenticated attacker to read and manipulate data.
The msrle_decode_pal4 function in msrledec.c in Libav before 10.7 and 11.x before 11.4 and FFmpeg before 2.0.7, 2.2.x before 2.2.15, 2.4.x before 2.4.8, 2.5.x before 2.5.6, and 2.6.x before 2.6.2 allows remote attackers to have unspecified impact via a crafted image, related to a pixel pointer, which triggers an out-of-bounds array access.
Mitigation
Install update from vendor's website.
Vulnerable software versions
FFmpeg: 2.0.6, 2.2.0, 2.2.1, 2.2.2, 2.2.3, 2.2.4, 2.2.5, 2.2.6, 2.2.7, 2.2.8, 2.2.9, 2.2.10, 2.2.11, 2.2.12, 2.2.13, 2.2.14, 2.4.0, 2.4.1, 2.4.2, 2.4.3, 2.4.4, 2.4.5, 2.4.6, 2.4.7, 2.5, 2.5.1, 2.5.2, 2.5.3, 2.5.4, 2.5.5, 2.6, 2.6.1
External links
https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=f7e1367f58263593e6cee3c282f7277d7ee9d553
https://www.debian.org/security/2015/dsa-3288
https://www.securityfocus.com/bid/74433
https://www.ubuntu.com/usn/USN-2944-1
https://git.libav.org/?p=libav.git;a=blob;f=Changelog;hb=refs/tags/v11.4
https://security.gentoo.org/glsa/201603-06
https://security.gentoo.org/glsa/201705-08
https://www.ffmpeg.org/security.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
