Search for vulnerabilities
Vulnerability details: VCID-mddu-guxm-aaar
Vulnerability ID VCID-mddu-guxm-aaar
Aliases CVE-2023-49502
Summary Buffer Overflow vulnerability in Ffmpeg v.n6.1-3-g466799d4f5 allows a local attacker to execute arbitrary code via the ff_bwdif_filter_intra_c function in the libavfilter/bwdifdsp.c:125:5 component.
Status Published
Exploitability 0.5
Weighted Severity 4.4
Risk 2.2
Affected and Fixed Packages Package Details
Weaknesses (0)
There are no known CWE.
System Score Found at
epss 0.00045 https://api.first.org/data/v1/epss?cve=CVE-2023-49502
epss 0.00045 https://api.first.org/data/v1/epss?cve=CVE-2023-49502
epss 0.00045 https://api.first.org/data/v1/epss?cve=CVE-2023-49502
epss 0.00045 https://api.first.org/data/v1/epss?cve=CVE-2023-49502
epss 0.00045 https://api.first.org/data/v1/epss?cve=CVE-2023-49502
epss 0.00045 https://api.first.org/data/v1/epss?cve=CVE-2023-49502
epss 0.00045 https://api.first.org/data/v1/epss?cve=CVE-2023-49502
epss 0.00045 https://api.first.org/data/v1/epss?cve=CVE-2023-49502
epss 0.00045 https://api.first.org/data/v1/epss?cve=CVE-2023-49502
epss 0.00045 https://api.first.org/data/v1/epss?cve=CVE-2023-49502
epss 0.00045 https://api.first.org/data/v1/epss?cve=CVE-2023-49502
epss 0.00045 https://api.first.org/data/v1/epss?cve=CVE-2023-49502
epss 0.00045 https://api.first.org/data/v1/epss?cve=CVE-2023-49502
epss 0.00045 https://api.first.org/data/v1/epss?cve=CVE-2023-49502
epss 0.00045 https://api.first.org/data/v1/epss?cve=CVE-2023-49502
epss 0.00045 https://api.first.org/data/v1/epss?cve=CVE-2023-49502
epss 0.0013 https://api.first.org/data/v1/epss?cve=CVE-2023-49502
epss 0.0013 https://api.first.org/data/v1/epss?cve=CVE-2023-49502
epss 0.0013 https://api.first.org/data/v1/epss?cve=CVE-2023-49502
epss 0.0013 https://api.first.org/data/v1/epss?cve=CVE-2023-49502
epss 0.0013 https://api.first.org/data/v1/epss?cve=CVE-2023-49502
epss 0.0013 https://api.first.org/data/v1/epss?cve=CVE-2023-49502
epss 0.0013 https://api.first.org/data/v1/epss?cve=CVE-2023-49502
epss 0.00137 https://api.first.org/data/v1/epss?cve=CVE-2023-49502
epss 0.00137 https://api.first.org/data/v1/epss?cve=CVE-2023-49502
epss 0.00137 https://api.first.org/data/v1/epss?cve=CVE-2023-49502
epss 0.00184 https://api.first.org/data/v1/epss?cve=CVE-2023-49502
epss 0.00184 https://api.first.org/data/v1/epss?cve=CVE-2023-49502
epss 0.00184 https://api.first.org/data/v1/epss?cve=CVE-2023-49502
epss 0.00184 https://api.first.org/data/v1/epss?cve=CVE-2023-49502
epss 0.00184 https://api.first.org/data/v1/epss?cve=CVE-2023-49502
epss 0.00184 https://api.first.org/data/v1/epss?cve=CVE-2023-49502
epss 0.00184 https://api.first.org/data/v1/epss?cve=CVE-2023-49502
epss 0.00447 https://api.first.org/data/v1/epss?cve=CVE-2023-49502
epss 0.00447 https://api.first.org/data/v1/epss?cve=CVE-2023-49502
epss 0.00447 https://api.first.org/data/v1/epss?cve=CVE-2023-49502
epss 0.00447 https://api.first.org/data/v1/epss?cve=CVE-2023-49502
epss 0.00447 https://api.first.org/data/v1/epss?cve=CVE-2023-49502
epss 0.00447 https://api.first.org/data/v1/epss?cve=CVE-2023-49502
epss 0.00447 https://api.first.org/data/v1/epss?cve=CVE-2023-49502
epss 0.00447 https://api.first.org/data/v1/epss?cve=CVE-2023-49502
epss 0.00447 https://api.first.org/data/v1/epss?cve=CVE-2023-49502
epss 0.00447 https://api.first.org/data/v1/epss?cve=CVE-2023-49502
epss 0.00447 https://api.first.org/data/v1/epss?cve=CVE-2023-49502
epss 0.00447 https://api.first.org/data/v1/epss?cve=CVE-2023-49502
epss 0.00447 https://api.first.org/data/v1/epss?cve=CVE-2023-49502
epss 0.00447 https://api.first.org/data/v1/epss?cve=CVE-2023-49502
epss 0.00447 https://api.first.org/data/v1/epss?cve=CVE-2023-49502
epss 0.00447 https://api.first.org/data/v1/epss?cve=CVE-2023-49502
epss 0.00447 https://api.first.org/data/v1/epss?cve=CVE-2023-49502
epss 0.00447 https://api.first.org/data/v1/epss?cve=CVE-2023-49502
epss 0.00447 https://api.first.org/data/v1/epss?cve=CVE-2023-49502
epss 0.00447 https://api.first.org/data/v1/epss?cve=CVE-2023-49502
epss 0.00447 https://api.first.org/data/v1/epss?cve=CVE-2023-49502
epss 0.00447 https://api.first.org/data/v1/epss?cve=CVE-2023-49502
epss 0.00447 https://api.first.org/data/v1/epss?cve=CVE-2023-49502
epss 0.00447 https://api.first.org/data/v1/epss?cve=CVE-2023-49502
epss 0.00447 https://api.first.org/data/v1/epss?cve=CVE-2023-49502
epss 0.00447 https://api.first.org/data/v1/epss?cve=CVE-2023-49502
epss 0.00447 https://api.first.org/data/v1/epss?cve=CVE-2023-49502
epss 0.00447 https://api.first.org/data/v1/epss?cve=CVE-2023-49502
epss 0.00447 https://api.first.org/data/v1/epss?cve=CVE-2023-49502
epss 0.00447 https://api.first.org/data/v1/epss?cve=CVE-2023-49502
epss 0.00447 https://api.first.org/data/v1/epss?cve=CVE-2023-49502
epss 0.00447 https://api.first.org/data/v1/epss?cve=CVE-2023-49502
epss 0.00447 https://api.first.org/data/v1/epss?cve=CVE-2023-49502
epss 0.00447 https://api.first.org/data/v1/epss?cve=CVE-2023-49502
epss 0.00447 https://api.first.org/data/v1/epss?cve=CVE-2023-49502
epss 0.00447 https://api.first.org/data/v1/epss?cve=CVE-2023-49502
epss 0.00447 https://api.first.org/data/v1/epss?cve=CVE-2023-49502
epss 0.00447 https://api.first.org/data/v1/epss?cve=CVE-2023-49502
epss 0.00447 https://api.first.org/data/v1/epss?cve=CVE-2023-49502
epss 0.00447 https://api.first.org/data/v1/epss?cve=CVE-2023-49502
epss 0.00447 https://api.first.org/data/v1/epss?cve=CVE-2023-49502
epss 0.00447 https://api.first.org/data/v1/epss?cve=CVE-2023-49502
epss 0.00447 https://api.first.org/data/v1/epss?cve=CVE-2023-49502
epss 0.00447 https://api.first.org/data/v1/epss?cve=CVE-2023-49502
epss 0.00447 https://api.first.org/data/v1/epss?cve=CVE-2023-49502
epss 0.00447 https://api.first.org/data/v1/epss?cve=CVE-2023-49502
epss 0.00447 https://api.first.org/data/v1/epss?cve=CVE-2023-49502
epss 0.00447 https://api.first.org/data/v1/epss?cve=CVE-2023-49502
epss 0.00447 https://api.first.org/data/v1/epss?cve=CVE-2023-49502
epss 0.00447 https://api.first.org/data/v1/epss?cve=CVE-2023-49502
epss 0.00447 https://api.first.org/data/v1/epss?cve=CVE-2023-49502
epss 0.00447 https://api.first.org/data/v1/epss?cve=CVE-2023-49502
epss 0.00447 https://api.first.org/data/v1/epss?cve=CVE-2023-49502
epss 0.01434 https://api.first.org/data/v1/epss?cve=CVE-2023-49502
cvssv3.1 8.8 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Reference id Reference type URL
https://api.first.org/data/v1/epss?cve=CVE-2023-49502
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49502
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
https://github.com/FFmpeg/FFmpeg
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IPETICRXUOGRIM4U3BCRTIKE3IZWCSBT/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LE3ASLH6QF2E5OVJI5VA3JSEPJFFFMNY/
https://trac.ffmpeg.org/ticket/10688
cpe:2.3:a:ffmpeg:ffmpeg:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ffmpeg:ffmpeg:*:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:40:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:40:*:*:*:*:*:*:*
CVE-2023-49502 https://nvd.nist.gov/vuln/detail/CVE-2023-49502
USN-6803-1 https://usn.ubuntu.com/6803-1/
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.16666
EPSS Score 0.00045
Published At Nov. 1, 2024, midnight
Date Actor Action Source VulnerableCode Version
2024-04-23T17:17:37.528846+00:00 NVD Importer Import https://nvd.nist.gov/vuln/detail/CVE-2023-49502 34.0.0rc4