Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-9604


Vulnerability Score 7.5 7.5
CVE Id CVE-2014-9604
Last Modified 23 Mar 2015 10:01:00
Published 16 Jan 2015 03:59:02
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



libavcodec/utvideodec.c in FFmpeg before 2.5.2 does not check for a zero value of a slice height, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted Ut Video data, related to the (1) restore_median and (2) restore_median_il functions.

Vulnerable Systems


  • Ffmpeg 2.5.1


CONFIRM -;a=commit;h=3881606240953b9275a247a1c98a567f3c44890f

UBUNTU - USN-2534-1

Last Updated: 27 May 2016 11:07:34