{"id":"MGASA-2014-0464","summary":"Updated ffmpeg packages fix security vulnerabilities","details":"A heap-based buffer overflow in the encode_slice function in\nlibavcodec/proresenc_kostya.c in FFmpeg before 2.0.6 can cause a crash,\nallowing a malicious image file to cause a denial of service (CVE-2014-5271).\n\nlibavcodec/iff.c in FFmpeg before 2.0.6 allows an attacker to have an\nunspecified impact via a crafted iff image, which triggers an out-of-bounds\narray access, related to the rgb8 and rgbn formats (CVE-2014-5272).\n\nlibavcodec/mjpegdec.c in FFmpeg before 2.0.6 considers only dimension\ndifferences, and not bits-per-pixel differences, when determining whether an\nimage size has changed, which allows remote attackers to cause a denial of\nservice (out-of-bounds access) or possibly have unspecified other impact via\ncrafted MJPEG data (CVE-2014-8541).\n\nlibavcodec/utils.c in FFmpeg before 2.0.6 omits a certain codec ID during\nenforcement of alignment, which allows remote attackers to cause a denial of\nservice (out-of-bounds access) or possibly have unspecified other impact via\ncrafted JV data (CVE-2014-8542).\n\nlibavcodec/mmvideo.c in FFmpeg before 2.0.6 does not consider all lines of\nHHV Intra blocks during validation of image height, which allows remote\nattackers to cause a denial of service (out-of-bounds access) or possibly\nhave unspecified other impact via crafted MM video data (CVE-2014-8543).\n\nlibavcodec/tiff.c in FFmpeg before 2.0.6 does not properly validate\nbits-per-pixel fields, which allows remote attackers to cause a denial of\nservice (out-of-bounds access) or possibly have unspecified other impact via\ncrafted TIFF data (CVE-2014-8544).\n\nlibavcodec/pngdec.c in FFmpeg before 2.0.6 accepts the monochrome-black\nformat without verifying that the bits-per-pixel value is 1, which allows\nremote attackers to cause a denial of service (out-of-bounds access) or\npossibly have unspecified other impact via crafted PNG data (CVE-2014-8545).\n\nInteger underflow in libavcodec/cinepak.c in FFmpeg before 2.0.6 allows\nremote attackers to cause a denial of service (out-of-bounds access) or\npossibly have unspecified other impact via crafted Cinepak video data\n(CVE-2014-8546).\n\nlibavcodec/gifdec.c in FFmpeg before 2.0.6 does not properly compute image\nheights, which allows remote attackers to cause a denial of service\n(out-of-bounds access) or possibly have unspecified other impact via crafted\nGIF data (CVE-2014-8547).\n\nOff-by-one error in libavcodec/smc.c in FFmpeg before 2.0.6 allows remote\nattackers to cause a denial of service (out-of-bounds access) or possibly\nhave unspecified other impact via crafted Quicktime Graphics (aka SMC) video\ndata (CVE-2014-8548).\n","modified":"2026-02-01T07:33:43.954799Z","published":"2014-11-21T12:44:16Z","related":["CVE-2014-5271","CVE-2014-5272","CVE-2014-8541","CVE-2014-8542","CVE-2014-8543","CVE-2014-8544","CVE-2014-8545","CVE-2014-8546","CVE-2014-8547","CVE-2014-8548"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2014-0464.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=14042"},{"type":"REPORT","url":"http://git.videolan.org/?p=ffmpeg.git;a=log;h=n2.0.6"},{"type":"REPORT","url":"http://ffmpeg.org/olddownload.html"},{"type":"REPORT","url":"http://ffmpeg.org/security.html"},{"type":"REPORT","url":"http://openwall.com/lists/oss-security/2014/08/16/6"}],"affected":[{"package":{"name":"ffmpeg","ecosystem":"Mageia:4","purl":"pkg:rpm/mageia/ffmpeg?arch=source&distro=mageia-4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.0.6-1.mga4"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2014-0464.json"}},{"package":{"name":"ffmpeg","ecosystem":"Mageia:4","purl":"pkg:rpm/mageia/ffmpeg?arch=source&distro=mageia-4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.0.6-1.mga4.tainted"}]}],"ecosystem_specific":{"section":"tainted"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2014-0464.json"}}],"schema_version":"1.7.3","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}