CVE-2013-0847
Published: 7 December 2013
The ff_id3v2_parse function in libavformat/id3v2.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via ID3v2 header data, which triggers an out-of-bounds array access.
Notes
| Author | Note |
|---|---|
| mdeslaur | libav and ffmpeg codebases have diverged to the point of not being able to track both using the same CVE numbers. Marking this CVE as ignored for libav. |
Priority
Status
| Package | Release | Status |
|---|---|---|
|
ffmpeg Launchpad, Ubuntu, Debian |
lucid |
Ignored
(end of life)
|
| precise |
Does not exist
|
|
| quantal |
Does not exist
|
|
| raring |
Does not exist
|
|
| saucy |
Does not exist
|
|
| upstream |
Needs triage
|
|
|
ffmpeg-extra Launchpad, Ubuntu, Debian |
lucid |
Ignored
(end of life)
|
| precise |
Does not exist
|
|
| quantal |
Does not exist
|
|
| raring |
Does not exist
|
|
| saucy |
Does not exist
|
|
| upstream |
Needs triage
|
|
|
libav Launchpad, Ubuntu, Debian |
lucid |
Does not exist
|
| precise |
Ignored
|
|
| quantal |
Ignored
|
|
| raring |
Ignored
|
|
| saucy |
Ignored
|
|
| upstream |
Released
(0.8.7)
|
|
|
Patches: upstream: http://git.libav.org/?p=libav.git;a=commit;h=af4cc2605c7a56ecfd84c264aa2b325020418472 upstream: http://git.libav.org/?p=libav.git;a=commit;h=f4bb72d33db2f12a3b4666c6843479d718ceecaf |
||
|
libav-extra Launchpad, Ubuntu, Debian |
lucid |
Does not exist
|
| precise |
Ignored
|
|
| quantal |
Ignored
|
|
| raring |
Ignored
|
|
| saucy |
Ignored
|
|
| upstream |
Needs triage
|
|