CVE-2013-7014 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	6.8 UNKNOWN	NETWORK	MEDIUM		AV:N/AC:M/Au:N/C:P/I:P/A:P

Base Score

CVSS 3.x

EPSS Score

Percentile: 79%

Affected Products (NVD)

Vendor	Product	Version
ffmpeg	ffmpeg	𝑥 ≤ 2.0.1
ffmpeg	ffmpeg	0.3
ffmpeg	ffmpeg	0.3.1
ffmpeg	ffmpeg	0.3.2
ffmpeg	ffmpeg	0.3.3
ffmpeg	ffmpeg	0.3.4
ffmpeg	ffmpeg	0.4.0
ffmpeg	ffmpeg	0.4.2
ffmpeg	ffmpeg	0.4.3
ffmpeg	ffmpeg	0.4.4
ffmpeg	ffmpeg	0.4.5
ffmpeg	ffmpeg	0.4.6
ffmpeg	ffmpeg	0.4.7
ffmpeg	ffmpeg	0.4.8
ffmpeg	ffmpeg	0.4.9:pre1
ffmpeg	ffmpeg	0.5
ffmpeg	ffmpeg	0.5.1
ffmpeg	ffmpeg	0.5.2
ffmpeg	ffmpeg	0.5.3
ffmpeg	ffmpeg	0.5.4
ffmpeg	ffmpeg	0.5.4.5
ffmpeg	ffmpeg	0.5.4.6
ffmpeg	ffmpeg	0.5.5
ffmpeg	ffmpeg	0.6
ffmpeg	ffmpeg	0.6.1
ffmpeg	ffmpeg	0.6.2
ffmpeg	ffmpeg	0.6.3
ffmpeg	ffmpeg	0.7
ffmpeg	ffmpeg	0.7.1
ffmpeg	ffmpeg	0.7.2
ffmpeg	ffmpeg	0.7.3
ffmpeg	ffmpeg	0.7.4
ffmpeg	ffmpeg	0.7.5
ffmpeg	ffmpeg	0.7.6
ffmpeg	ffmpeg	0.7.7
ffmpeg	ffmpeg	0.7.8
ffmpeg	ffmpeg	0.7.9
ffmpeg	ffmpeg	0.7.11
ffmpeg	ffmpeg	0.7.12
ffmpeg	ffmpeg	0.8.0
ffmpeg	ffmpeg	0.8.1
ffmpeg	ffmpeg	0.8.2
ffmpeg	ffmpeg	0.8.5
ffmpeg	ffmpeg	0.8.5.3
ffmpeg	ffmpeg	0.8.5.4
ffmpeg	ffmpeg	0.8.6
ffmpeg	ffmpeg	0.8.7
ffmpeg	ffmpeg	0.8.8
ffmpeg	ffmpeg	0.8.10
ffmpeg	ffmpeg	0.8.11
ffmpeg	ffmpeg	0.9
ffmpeg	ffmpeg	0.9.1
ffmpeg	ffmpeg	0.10
ffmpeg	ffmpeg	0.10.3
ffmpeg	ffmpeg	0.10.4
ffmpeg	ffmpeg	0.11
ffmpeg	ffmpeg	1.0
ffmpeg	ffmpeg	1.1.1
ffmpeg	ffmpeg	1.1.2
ffmpeg	ffmpeg	1.1.3
ffmpeg	ffmpeg	1.1.4
ffmpeg	ffmpeg	1.2
ffmpeg	ffmpeg	1.2.1
ffmpeg	ffmpeg	2.0

𝑥

= Vulnerable software versions

Debian Releases

Debian Product

Codename

ffmpeg

bookworm	7:5.1.6-0+deb12u1 fixed
bookworm (security)	7:5.1.6-0+deb12u1 fixed
bullseye	7:4.3.7-0+deb11u1 fixed
bullseye (security)	7:4.3.8-0+deb11u1 fixed
sid	7:7.1-3 fixed
trixie	7:7.1-3 fixed

Ubuntu Releases

Ubuntu Product

Codename

ffmpeg

lucid	ignored
precise	dne
quantal	dne
raring	dne
saucy	dne

Known Exploits!

Common Weakness Enumeration

CWE-189 -

References

http://ffmpeg.org/security.html

http://git.libav.org/?p=libav.git%3Ba=blob%3Bf=Changelog%3Bhb=refs/tags/v9.11

http://openwall.com/lists/oss-security/2013/11/26/7

http://openwall.com/lists/oss-security/2013/12/08/3

http://www.debian.org/security/2014/dsa-2855

https://github.com/FFmpeg/FFmpeg/commit/86736f59d6a527d8bc807d09b93f971c0fe0bb07

https://security.gentoo.org/glsa/201603-06

https://trac.ffmpeg.org/ticket/2919

http://ffmpeg.org/security.html

http://git.libav.org/?p=libav.git%3Ba=blob%3Bf=Changelog%3Bhb=refs/tags/v9.11

http://openwall.com/lists/oss-security/2013/11/26/7

http://openwall.com/lists/oss-security/2013/12/08/3

http://www.debian.org/security/2014/dsa-2855

https://github.com/FFmpeg/FFmpeg/commit/86736f59d6a527d8bc807d09b93f971c0fe0bb07

https://security.gentoo.org/glsa/201603-06

https://trac.ffmpeg.org/ticket/2919