CVE-2024-36616

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-36616
An integer overflow in the component /libavformat/westwood_vqa.c of FFmpeg n6.1.1 allows attackers to cause a denial of service in the application via a crafted VQA file.

6.5 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://gist.github.com/1047524396/ded3e1509d8296ec4a91817867d108e0
https://github.com/FFmpeg/FFmpeg/blob/n6.1.1/libavformat/westwood_vqa.c#L265
https://github.com/ffmpeg/ffmpeg/commit/86f73277bf014e2ce36dd2594f1e0fb8b3bd6661
Configurations

No configuration.

History

02 Dec 2024, 18:15

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 6.5
Summary
  • (es) Un desbordamiento de entero en el componente /libavformat/westwood_vqa.c de FFmpeg n6.1.1 permite a atacantes provocar una denegación de servicio en la aplicación a través de un archivo VQA manipulado.
CWE CWE-190

29 Nov 2024, 19:15

Type Values Removed Values Added
New CVE
Information

Published : 2024-11-29 19:15

Updated : 2024-12-02 18:15

NVD link : CVE-2024-36616

Mitre link : CVE-2024-36616

CVE.ORG link : CVE-2024-36616

JSON object : View

Products Affected

No product.

CWE
CWE-190

Integer Overflow or Wraparound


NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024