FFmpeg Format String And Multiple Integer Overflow Vulnerabilities

Bugtraq ID:	52935
Class:	Input Validation Error
CVE:
Remote:	Yes
Local:	No
Published:	Mar 17 2012 12:00AM
Updated:	Mar 19 2015 08:41AM
Credit:	Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Vulnerable:	FFmpeg FFmpeg 0.9.1 FFmpeg FFmpeg 0.9 FFmpeg FFmpeg 0.8.7 -r1 FFmpeg FFmpeg 0.8.7 FFmpeg FFmpeg 0.8.6 FFmpeg FFmpeg 0.8.5 FFmpeg FFmpeg 0.8.3 FFmpeg FFmpeg 0.7.7 FFmpeg FFmpeg 0.7.6 FFmpeg FFmpeg 0.7.4 FFmpeg FFmpeg 0.6.1 FFmpeg FFmpeg 0.4.9 20080909 FFmpeg FFmpeg 0.4.9 -pre1 FFmpeg FFmpeg 0.4.9 -0.pre1.5.1.20060 FFmpeg FFmpeg 0.4.9 FFmpeg FFmpeg 0.4.8 FFmpeg FFmpeg 0.4.7 FFmpeg FFmpeg 0.4.6 FFmpeg FFmpeg 0.8.4 FFmpeg FFmpeg 0.8.2 FFmpeg FFmpeg 0.8.1 FFmpeg FFmpeg 0.7.8 FFmpeg FFmpeg 0.7.5 FFmpeg FFmpeg 0.7.3 FFmpeg FFmpeg 0.7.2 FFmpeg FFmpeg 0.7-rc1 FFmpeg FFmpeg 0.6.3 FFmpeg FFmpeg 0.6 FFmpeg FFmpeg 0.5.4 FFmpeg FFmpeg 0.5.3 FFmpeg FFmpeg 0.5.2 FFmpeg FFmpeg 0.5 FFmpeg FFmpeg 0.49_p20060530 FFmpeg FFmpeg 0.10
Not Vulnerable:	FFmpeg FFmpeg 0.10.1

FFmpeg Format String And Multiple Integer Overflow Vulnerabilities

FFmpeg is prone to a remote format-string vulnerability and multiple integer overflow vulnerabilities because it fails to properly sanitize user-supplied input before passing it as a format specifier to a formatted-printing function.

An attacker may exploit these issues to execute arbitrary code in the context of the vulnerable application. Failed exploit attempts will likely result in a denial-of-service condition.

Versions prior to FFmpeg 0.10.1 are vulnerable.