Test ID:1.3.6.1.4.1.25623.1.0.891630
Category:Debian Local Security Checks
Title:Debian LTS Advisory ([SECURITY] [DLA 1630-1] libav security update)
Description:
Summary:
Several security vulnerabilities were corrected in the libav
multimedia library which may lead to a denial-of-service, information
disclosure or the execution of arbitrary code if a malformed file is
processed.

CVE-2017-9993

Libav does not properly restrict HTTP Live Streaming filename
extensions and demuxer names, which allows attackers to read
arbitrary files via crafted playlist data.

CVE-2017-9994

libavcodec/webp.c in Libav does not ensure that pix_fmt is set,
which allows remote attackers to cause a denial of service
(heap-based buffer overflow and application crash) or possibly have
unspecified other impact via a crafted file, related to the
vp8_decode_mb_row_no_filter and pred8x8_128_dc_8_c functions.

CVE-2017-14055

Denial-of-service in mv_read_header() due to lack of an EOF (End of
File) check might cause huge CPU and memory consumption.

CVE-2017-14056

Denial-of-service in rl2_read_header() due to lack of an EOF
(End of File) check might cause huge CPU and memory consumption.

CVE-2017-14057

Denial-of-service in asf_read_marker() due to lack of an EOF
(End of File) check might cause huge CPU and memory consumption.

CVE-2017-14170

Denial-of-service in mxf_read_index_entry_array() due to lack of an
EOF (End of File) check might cause huge CPU consumption.

CVE-2017-14171

Denial-of-service in nsv_parse_NSVf_header() due to lack of an EOF
(End of File) check might cause huge CPU consumption.

CVE-2017-14767

The sdp_parse_fmtp_config_h264 function in
libavformat/rtpdec_h264.c mishandles empty sprop-parameter-sets
values, which allows remote attackers to cause a denial of service
(heap buffer overflow) or possibly have unspecified other impact via
a crafted sdp file.

CVE-2017-15672

The read_header function in libavcodec/ffv1dec.c allows remote
attackers to have unspecified impact via a crafted MP4 file, which
triggers an out-of-bounds read.

CVE-2017-17130

The ff_free_picture_tables function in libavcodec/mpegpicture.c
allows remote attackers to cause a denial of service
(heap-based buffer overflow and application crash) or possibly have
unspecified other impact via a crafted file, related to
vc1_decode_i_blocks_adv.

CVE-2018-6621

The decode_frame function in libavcodec/utvideodec.c in Libav allows
remote attackers to cause a denial of service (out of array read)
via a crafted AVI file.

CVE-2018-7557

The decode_init function in libavcodec/utvideodec.c in
Libav allows remote attackers to cause a denial of service
(out of array read) via an AVI file with crafted dimensions within
chroma subsampling data.

CVE-2018-14394

libavformat/movenc.c in Libav allows attackers to cause a
denial of service (application crash caused by a divide-by-zero
error) with a user crafted Waveform audio file.

CVE-2018-1999010

Libav contains multiple out of array access vulnerabilities in the
mms protocol that can result in attackers accessing out of bound
data.

Affected Software/OS:
libav on Debian Linux

Solution:
For Debian 8 'Jessie', these problems have been fixed in version
6:11.12-1~deb8u4.

We recommend that you upgrade your libav packages.

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Cross-Ref:
Common Vulnerability Exposure (CVE) ID: CVE-2017-9993
BugTraq ID: 99315
http://www.securityfocus.com/bid/99315
Debian Security Information: DSA-3957
http://www.debian.org/security/2017/dsa-3957
https://github.com/FFmpeg/FFmpeg/commit/189ff4219644532bdfa7bab28dfedaee4d6d4021
https://github.com/FFmpeg/FFmpeg/commit/a5d849b149ca67ced2d271dc84db0bc95a548abb
https://lists.debian.org/debian-lts-announce/2019/01/msg00006.html
Common Vulnerability Exposure (CVE) ID: CVE-2017-9994
BugTraq ID: 99317
http://www.securityfocus.com/bid/99317
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1434
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1435
https://github.com/FFmpeg/FFmpeg/commit/6b5d3fb26fb4be48e4966e4b1d97c2165538d4ef
Common Vulnerability Exposure (CVE) ID: CVE-2018-6621
BugTraq ID: 102950
http://www.securityfocus.com/bid/102950
Debian Security Information: DSA-4249
https://www.debian.org/security/2018/dsa-4249
Common Vulnerability Exposure (CVE) ID: CVE-2018-7557
Copyright: Copyright (c) 2019 Greenbone Networks GmbH http://greenbone.net

© 1998-2019 E-Soft Inc. All rights reserved.