Search for vulnerabilities
Vulnerability details: VCID-8se2-jdth-aaaj
Vulnerability ID VCID-8se2-jdth-aaaj
Aliases CVE-2014-9604
Summary libavcodec/utvideodec.c in FFmpeg before 2.5.2 does not check for a zero value of a slice height, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted Ut Video data, related to the (1) restore_median and (2) restore_median_il functions.
Status Published
Exploitability 0.5
Weighted Severity 6.8
Risk 3.4
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-189 Numeric Errors
System Score Found at
generic_textual Medium http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-9604.html
epss 0.00449 https://api.first.org/data/v1/epss?cve=CVE-2014-9604
epss 0.00449 https://api.first.org/data/v1/epss?cve=CVE-2014-9604
epss 0.00449 https://api.first.org/data/v1/epss?cve=CVE-2014-9604
epss 0.00449 https://api.first.org/data/v1/epss?cve=CVE-2014-9604
epss 0.00449 https://api.first.org/data/v1/epss?cve=CVE-2014-9604
epss 0.00449 https://api.first.org/data/v1/epss?cve=CVE-2014-9604
epss 0.00449 https://api.first.org/data/v1/epss?cve=CVE-2014-9604
epss 0.00449 https://api.first.org/data/v1/epss?cve=CVE-2014-9604
epss 0.00449 https://api.first.org/data/v1/epss?cve=CVE-2014-9604
epss 0.00449 https://api.first.org/data/v1/epss?cve=CVE-2014-9604
epss 0.00449 https://api.first.org/data/v1/epss?cve=CVE-2014-9604
epss 0.00449 https://api.first.org/data/v1/epss?cve=CVE-2014-9604
epss 0.00449 https://api.first.org/data/v1/epss?cve=CVE-2014-9604
epss 0.00449 https://api.first.org/data/v1/epss?cve=CVE-2014-9604
epss 0.00449 https://api.first.org/data/v1/epss?cve=CVE-2014-9604
epss 0.00449 https://api.first.org/data/v1/epss?cve=CVE-2014-9604
epss 0.00519 https://api.first.org/data/v1/epss?cve=CVE-2014-9604
epss 0.00519 https://api.first.org/data/v1/epss?cve=CVE-2014-9604
epss 0.00519 https://api.first.org/data/v1/epss?cve=CVE-2014-9604
epss 0.00519 https://api.first.org/data/v1/epss?cve=CVE-2014-9604
epss 0.00519 https://api.first.org/data/v1/epss?cve=CVE-2014-9604
epss 0.00519 https://api.first.org/data/v1/epss?cve=CVE-2014-9604
epss 0.00519 https://api.first.org/data/v1/epss?cve=CVE-2014-9604
epss 0.00519 https://api.first.org/data/v1/epss?cve=CVE-2014-9604
epss 0.00519 https://api.first.org/data/v1/epss?cve=CVE-2014-9604
epss 0.00519 https://api.first.org/data/v1/epss?cve=CVE-2014-9604
epss 0.00519 https://api.first.org/data/v1/epss?cve=CVE-2014-9604
epss 0.00519 https://api.first.org/data/v1/epss?cve=CVE-2014-9604
epss 0.00519 https://api.first.org/data/v1/epss?cve=CVE-2014-9604
epss 0.00519 https://api.first.org/data/v1/epss?cve=CVE-2014-9604
epss 0.00519 https://api.first.org/data/v1/epss?cve=CVE-2014-9604
epss 0.00519 https://api.first.org/data/v1/epss?cve=CVE-2014-9604
epss 0.00519 https://api.first.org/data/v1/epss?cve=CVE-2014-9604
epss 0.00519 https://api.first.org/data/v1/epss?cve=CVE-2014-9604
epss 0.00519 https://api.first.org/data/v1/epss?cve=CVE-2014-9604
epss 0.00519 https://api.first.org/data/v1/epss?cve=CVE-2014-9604
epss 0.00519 https://api.first.org/data/v1/epss?cve=CVE-2014-9604
epss 0.00519 https://api.first.org/data/v1/epss?cve=CVE-2014-9604
epss 0.00519 https://api.first.org/data/v1/epss?cve=CVE-2014-9604
epss 0.00519 https://api.first.org/data/v1/epss?cve=CVE-2014-9604
epss 0.00519 https://api.first.org/data/v1/epss?cve=CVE-2014-9604
epss 0.00519 https://api.first.org/data/v1/epss?cve=CVE-2014-9604
epss 0.00519 https://api.first.org/data/v1/epss?cve=CVE-2014-9604
epss 0.00519 https://api.first.org/data/v1/epss?cve=CVE-2014-9604
epss 0.00519 https://api.first.org/data/v1/epss?cve=CVE-2014-9604
epss 0.00519 https://api.first.org/data/v1/epss?cve=CVE-2014-9604
epss 0.00519 https://api.first.org/data/v1/epss?cve=CVE-2014-9604
epss 0.00519 https://api.first.org/data/v1/epss?cve=CVE-2014-9604
epss 0.00519 https://api.first.org/data/v1/epss?cve=CVE-2014-9604
epss 0.00519 https://api.first.org/data/v1/epss?cve=CVE-2014-9604
epss 0.00519 https://api.first.org/data/v1/epss?cve=CVE-2014-9604
epss 0.00519 https://api.first.org/data/v1/epss?cve=CVE-2014-9604
epss 0.00519 https://api.first.org/data/v1/epss?cve=CVE-2014-9604
epss 0.00519 https://api.first.org/data/v1/epss?cve=CVE-2014-9604
epss 0.00519 https://api.first.org/data/v1/epss?cve=CVE-2014-9604
epss 0.00519 https://api.first.org/data/v1/epss?cve=CVE-2014-9604
epss 0.00519 https://api.first.org/data/v1/epss?cve=CVE-2014-9604
epss 0.00519 https://api.first.org/data/v1/epss?cve=CVE-2014-9604
epss 0.00519 https://api.first.org/data/v1/epss?cve=CVE-2014-9604
epss 0.00519 https://api.first.org/data/v1/epss?cve=CVE-2014-9604
epss 0.00519 https://api.first.org/data/v1/epss?cve=CVE-2014-9604
epss 0.00519 https://api.first.org/data/v1/epss?cve=CVE-2014-9604
epss 0.00519 https://api.first.org/data/v1/epss?cve=CVE-2014-9604
epss 0.00519 https://api.first.org/data/v1/epss?cve=CVE-2014-9604
epss 0.00519 https://api.first.org/data/v1/epss?cve=CVE-2014-9604
epss 0.00519 https://api.first.org/data/v1/epss?cve=CVE-2014-9604
epss 0.00519 https://api.first.org/data/v1/epss?cve=CVE-2014-9604
epss 0.00519 https://api.first.org/data/v1/epss?cve=CVE-2014-9604
epss 0.00519 https://api.first.org/data/v1/epss?cve=CVE-2014-9604
epss 0.00519 https://api.first.org/data/v1/epss?cve=CVE-2014-9604
epss 0.00519 https://api.first.org/data/v1/epss?cve=CVE-2014-9604
epss 0.00519 https://api.first.org/data/v1/epss?cve=CVE-2014-9604
epss 0.00519 https://api.first.org/data/v1/epss?cve=CVE-2014-9604
epss 0.00519 https://api.first.org/data/v1/epss?cve=CVE-2014-9604
epss 0.00519 https://api.first.org/data/v1/epss?cve=CVE-2014-9604
epss 0.00519 https://api.first.org/data/v1/epss?cve=CVE-2014-9604
epss 0.00519 https://api.first.org/data/v1/epss?cve=CVE-2014-9604
epss 0.00519 https://api.first.org/data/v1/epss?cve=CVE-2014-9604
epss 0.00519 https://api.first.org/data/v1/epss?cve=CVE-2014-9604
epss 0.00519 https://api.first.org/data/v1/epss?cve=CVE-2014-9604
epss 0.00519 https://api.first.org/data/v1/epss?cve=CVE-2014-9604
epss 0.00519 https://api.first.org/data/v1/epss?cve=CVE-2014-9604
epss 0.00519 https://api.first.org/data/v1/epss?cve=CVE-2014-9604
epss 0.00519 https://api.first.org/data/v1/epss?cve=CVE-2014-9604
epss 0.00519 https://api.first.org/data/v1/epss?cve=CVE-2014-9604
epss 0.00571 https://api.first.org/data/v1/epss?cve=CVE-2014-9604
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7933
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8543
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8544
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8547
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8548
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9604
cvssv2 7.5 https://nvd.nist.gov/vuln/detail/CVE-2014-9604
generic_textual Medium https://ubuntu.com/security/notices/USN-2534-1
Reference id Reference type URL
http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=3881606240953b9275a247a1c98a567f3c44890f
http://git.videolan.org/?p=ffmpeg.git;a=commit;h=3881606240953b9275a247a1c98a567f3c44890f
http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-9604.html
https://api.first.org/data/v1/epss?cve=CVE-2014-9604
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7933
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8543
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8544
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8547
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8548
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9604
https://security.gentoo.org/glsa/201603-06
https://ubuntu.com/security/notices/USN-2534-1
http://www.ubuntu.com/usn/USN-2534-1
775593 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775593
cpe:2.3:a:ffmpeg:ffmpeg:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ffmpeg:ffmpeg:*:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
CVE-2014-9604 https://nvd.nist.gov/vuln/detail/CVE-2014-9604
USN-2534-1 https://usn.ubuntu.com/2534-1/
No exploits are available.
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2014-9604
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.75563
EPSS Score 0.00449
Published At Nov. 1, 2024, midnight
Date Actor Action Source VulnerableCode Version
There are no relevant records.