CVE Vulnerabilities

CVE-2013-0855

Published: Dec 07, 2013 | Modified: Apr 11, 2025
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
9.3 HIGH
AV:N/AC:M/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu
MEDIUM
root.io minimus.io echohq.com

Integer overflow in the alac_decode_close function in libavcodec/alac.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via a large number of samples per frame in Apple Lossless Audio Codec (ALAC) data, which triggers an out-of-bounds array access.

Affected Software

Name Vendor Start Version End Version
Ffmpeg Ffmpeg * 1.0 (including)
Ffmpeg Ffmpeg 0.3 (including) 0.3 (including)
Ffmpeg Ffmpeg 0.3.1 (including) 0.3.1 (including)
Ffmpeg Ffmpeg 0.3.2 (including) 0.3.2 (including)
Ffmpeg Ffmpeg 0.3.3 (including) 0.3.3 (including)
Ffmpeg Ffmpeg 0.3.4 (including) 0.3.4 (including)
Ffmpeg Ffmpeg 0.4.0 (including) 0.4.0 (including)
Ffmpeg Ffmpeg 0.4.2 (including) 0.4.2 (including)
Ffmpeg Ffmpeg 0.4.3 (including) 0.4.3 (including)
Ffmpeg Ffmpeg 0.4.4 (including) 0.4.4 (including)
Ffmpeg Ffmpeg 0.4.5 (including) 0.4.5 (including)
Ffmpeg Ffmpeg 0.4.6 (including) 0.4.6 (including)
Ffmpeg Ffmpeg 0.4.7 (including) 0.4.7 (including)
Ffmpeg Ffmpeg 0.4.8 (including) 0.4.8 (including)
Ffmpeg Ffmpeg 0.4.9-pre1 (including) 0.4.9-pre1 (including)
Ffmpeg Ffmpeg 0.5 (including) 0.5 (including)
Ffmpeg Ffmpeg 0.5.1 (including) 0.5.1 (including)
Ffmpeg Ffmpeg 0.5.2 (including) 0.5.2 (including)
Ffmpeg Ffmpeg 0.5.3 (including) 0.5.3 (including)
Ffmpeg Ffmpeg 0.5.4 (including) 0.5.4 (including)
Ffmpeg Ffmpeg 0.5.4.5 (including) 0.5.4.5 (including)
Ffmpeg Ffmpeg 0.5.4.6 (including) 0.5.4.6 (including)
Ffmpeg Ffmpeg 0.6 (including) 0.6 (including)
Ffmpeg Ffmpeg 0.6.1 (including) 0.6.1 (including)
Ffmpeg Ffmpeg 0.6.2 (including) 0.6.2 (including)
Ffmpeg Ffmpeg 0.6.3 (including) 0.6.3 (including)
Ffmpeg Ffmpeg 0.7 (including) 0.7 (including)
Ffmpeg Ffmpeg 0.7.1 (including) 0.7.1 (including)
Ffmpeg Ffmpeg 0.7.2 (including) 0.7.2 (including)
Ffmpeg Ffmpeg 0.7.3 (including) 0.7.3 (including)
Ffmpeg Ffmpeg 0.7.4 (including) 0.7.4 (including)
Ffmpeg Ffmpeg 0.7.5 (including) 0.7.5 (including)
Ffmpeg Ffmpeg 0.7.6 (including) 0.7.6 (including)
Ffmpeg Ffmpeg 0.7.7 (including) 0.7.7 (including)
Ffmpeg Ffmpeg 0.7.8 (including) 0.7.8 (including)
Ffmpeg Ffmpeg 0.7.9 (including) 0.7.9 (including)
Ffmpeg Ffmpeg 0.7.11 (including) 0.7.11 (including)
Ffmpeg Ffmpeg 0.7.12 (including) 0.7.12 (including)
Ffmpeg Ffmpeg 0.8.0 (including) 0.8.0 (including)
Ffmpeg Ffmpeg 0.8.1 (including) 0.8.1 (including)
Ffmpeg Ffmpeg 0.8.2 (including) 0.8.2 (including)
Ffmpeg Ffmpeg 0.8.5 (including) 0.8.5 (including)
Ffmpeg Ffmpeg 0.8.5.3 (including) 0.8.5.3 (including)
Ffmpeg Ffmpeg 0.8.5.4 (including) 0.8.5.4 (including)
Ffmpeg Ffmpeg 0.8.6 (including) 0.8.6 (including)
Ffmpeg Ffmpeg 0.8.7 (including) 0.8.7 (including)
Ffmpeg Ffmpeg 0.8.8 (including) 0.8.8 (including)
Ffmpeg Ffmpeg 0.8.10 (including) 0.8.10 (including)
Ffmpeg Ffmpeg 0.8.11 (including) 0.8.11 (including)
Ffmpeg Ffmpeg 0.9 (including) 0.9 (including)
Ffmpeg Ffmpeg 0.9.1 (including) 0.9.1 (including)
Ffmpeg Ffmpeg 0.10 (including) 0.10 (including)
Ffmpeg Ffmpeg 0.10.3 (including) 0.10.3 (including)
Ffmpeg Ffmpeg 0.10.4 (including) 0.10.4 (including)
Ffmpeg Ffmpeg 0.11 (including) 0.11 (including)
Ffmpeg Ubuntu lucid *
Ffmpeg-extra Ubuntu lucid *

References