CVE-2013-0864

The gif_copy_img_rect function in libavcodec/gifdec.c in FFmpeg before 1.1.2 performs an incorrect calculation for an "end pointer," which allows remote attackers to have an unspecified impact via crafted GIF data that triggers an out-of-bounds array access.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
10 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:C/I:C/A:C
ChromeCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 79%
VendorProductVersion
ffmpegffmpeg
𝑥
≤ 1.1.1
ffmpegffmpeg
0.3
ffmpegffmpeg
0.3.1
ffmpegffmpeg
0.3.2
ffmpegffmpeg
0.3.3
ffmpegffmpeg
0.3.4
ffmpegffmpeg
0.4.0
ffmpegffmpeg
0.4.2
ffmpegffmpeg
0.4.3
ffmpegffmpeg
0.4.4
ffmpegffmpeg
0.4.5
ffmpegffmpeg
0.4.6
ffmpegffmpeg
0.4.7
ffmpegffmpeg
0.4.8
ffmpegffmpeg
0.4.9:pre1
ffmpegffmpeg
0.5
ffmpegffmpeg
0.5.1
ffmpegffmpeg
0.5.2
ffmpegffmpeg
0.5.3
ffmpegffmpeg
0.5.4
ffmpegffmpeg
0.5.4.5
ffmpegffmpeg
0.5.4.6
ffmpegffmpeg
0.6
ffmpegffmpeg
0.6.1
ffmpegffmpeg
0.6.2
ffmpegffmpeg
0.6.3
ffmpegffmpeg
0.7
ffmpegffmpeg
0.7.1
ffmpegffmpeg
0.7.2
ffmpegffmpeg
0.7.3
ffmpegffmpeg
0.7.4
ffmpegffmpeg
0.7.5
ffmpegffmpeg
0.7.6
ffmpegffmpeg
0.7.7
ffmpegffmpeg
0.7.8
ffmpegffmpeg
0.7.9
ffmpegffmpeg
0.7.11
ffmpegffmpeg
0.7.12
ffmpegffmpeg
0.8.0
ffmpegffmpeg
0.8.1
ffmpegffmpeg
0.8.2
ffmpegffmpeg
0.8.5
ffmpegffmpeg
0.8.5.3
ffmpegffmpeg
0.8.5.4
ffmpegffmpeg
0.8.6
ffmpegffmpeg
0.8.7
ffmpegffmpeg
0.8.8
ffmpegffmpeg
0.8.10
ffmpegffmpeg
0.8.11
ffmpegffmpeg
0.9
ffmpegffmpeg
0.9.1
ffmpegffmpeg
0.10
ffmpegffmpeg
0.10.3
ffmpegffmpeg
0.10.4
ffmpegffmpeg
0.11
ffmpegffmpeg
1.0
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
ffmpeg
bullseye
7:4.3.7-0+deb11u1
fixed
bullseye (security)
7:4.3.8-0+deb11u1
fixed
bookworm
7:5.1.6-0+deb12u1
fixed
bookworm (security)
7:5.1.6-0+deb12u1
fixed
sid
7:7.1-3
fixed
trixie
7:7.1-3
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
ffmpeg
saucy
dne
raring
dne
quantal
dne
precise
dne
lucid
ignored
ffmpeg-extra
saucy
dne
raring
dne
quantal
dne
precise
dne
lucid
ignored
libav
saucy
not-affected
raring
not-affected
quantal
not-affected
precise
not-affected
lucid
dne
libav-extra
saucy
not-affected
raring
not-affected
quantal
not-affected
precise
not-affected
lucid
dne
Common Weakness Enumeration
References
http://git.videolan.org/?p=ffmpeg.git%3Ba=commitdiff%3Bh=9547034f9120187e23ad76424dd4d70247e62212
http://www.ffmpeg.org/security.html
https://security.gentoo.org/glsa/201603-06
http://git.videolan.org/?p=ffmpeg.git%3Ba=commitdiff%3Bh=9547034f9120187e23ad76424dd4d70247e62212
http://www.ffmpeg.org/security.html
https://security.gentoo.org/glsa/201603-06