Vulnerability Name:

CVE-2010-4705 (CCN-64671)

Assigned:2011-01-12
Published:2011-01-12
Updated:2011-05-24
Summary:Integer overflow in the vorbis_residue_decode_internal function in libavcodec/vorbis_dec.c in the Vorbis decoder in FFmpeg, possibly 0.6, has unspecified impact and remote attack vectors, related to the sizes of certain integer data types.
Note: this might overlap CVE-2011-0480.
CVSS v3 Severity:7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): Low
Availibility (A): Low
CVSS v2 Severity:9.3 High (CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C)
6.9 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
6.8 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
5.0 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Athentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
Vulnerability Type:CWE-189
Vulnerability Consequences:Gain Access
References:Source: MITRE
Type: CNA
CVE-2010-4704

Source: MITRE
Type: CNA
CVE-2010-4705

Source: MITRE
Type: CNA
CVE-2011-0480

Source: CONFIRM
Type: Patch
http://git.ffmpeg.org/?p=ffmpeg.git;a=commit;h=366d919016a679d3955f6fe5278fa7ce4f47b81e

Source: CCN
Type: Google Chrome Releases Web site
Chrome Stable Release

Source: CCN
Type: SA42850
Google Chrome Multiple Vulnerabilities

Source: CCN
Type: SA42951
SRWare Iron Multiple Vulnerabilities

Source: CCN
Type: SA43197
FFmpeg Vorbis Decoder Multiple Vulnerabilities

Source: SECUNIA
Type: UNKNOWN
43323

Source: DEBIAN
Type: UNKNOWN
DSA-2165

Source: DEBIAN
Type: DSA-2165
ffmpeg-debian -- buffer overflow

Source: DEBIAN
Type: DSA-2306
ffmpeg -- several vulnerabilities

Source: CCN
Type: OSVDB ID: 70463
FFmpeg Vorbis Decoder vorbis_dec.c WebM File Handling Multiple Overflow DoS

Source: CCN
Type: OSVDB ID: 70650
FFmpeg Vorbis Decoder libavcodec/vorbis_dec.c vorbis_floor0_decode Function OGG File Handling Remote DoS

Source: CCN
Type: OSVDB ID: 70651
FFmpeg Vorbis Decoder libavcodec/vorbis_dec.c vorbis_residue_decode_internal Function Overflow

Source: CCN
Type: BID-45788
Google Chrome prior to 8.0.552.237 Multiple Security Vulnerabilities

Source: BID
Type: UNKNOWN
46294

Source: CCN
Type: BID-46294
FFmpeg Integer Overflow and Denial of Service Vulnerabilities

Source: CCN
Type: BID-47154
FFmpeg Vorbis Decoder 'vorbis_dec.c' Multiple Buffer Overflow Vulnerabilities

Source: XF
Type: UNKNOWN
chrome-vorbis-bo(64671)

Vulnerable Configuration:Configuration 1:
  • cpe:/a:ffmpeg:ffmpeg:0.6:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/o:microsoft:windows:server_2003:sp2:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows:server_2003:sp2:itanium:*:*:*:*:*
  • OR cpe:/o:microsoft:windows:server_2003:sp2:x64:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_xp::sp2:x64:*:professional:*:*:*
  • OR cpe:/o:microsoft:windows_vista:-:sp1:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_vista:-:sp1:x64:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_server_2008:*:*:*:*:*:*:itanium:*
  • OR cpe:/o:microsoft:windows_server_2008:*:*:*:*:*:*:x32:*
  • OR cpe:/o:microsoft:windows_server_2008:*:*:*:*:*:*:x64:*
  • OR cpe:/o:microsoft:windows:xp:sp3:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_vista:-:sp2:x64:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_vista:-:sp2:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_server_2008:*:sp2:*:*:*:*:x32:*
  • OR cpe:/o:microsoft:windows_server_2008:*:sp2:*:*:*:*:x64:*
  • OR cpe:/o:microsoft:windows_7:-:-:*:*:ultimate_n:*:x64:*
  • OR cpe:/o:microsoft:windows_7:-:*:*:*:*:*:x32:*
  • OR cpe:/o:microsoft:windows_server_2008:r2:*:*:*:*:*:x64:*
  • OR cpe:/o:microsoft:windows_server_2008:r2:*:*:*:*:*:itanium:*
  • OR cpe:/o:microsoft:windows_server_2008:*:sp2:*:*:*:*:itanium:*
  • OR cpe:/a:google:chrome:8.0.549.0:*:*:*:*:*:*:*
  • OR cpe:/a:google:chrome:8.0.550.0:*:*:*:*:*:*:*
  • OR cpe:/a:google:chrome:8.0.551.0:*:*:*:*:*:*:*
  • OR cpe:/a:google:chrome:8.0.552.0:*:*:*:*:*:*:*
  • AND
  • cpe:/a:ffmpeg:ffmpeg:0.4.8:*:*:*:*:*:*:*
  • OR cpe:/a:ffmpeg:ffmpeg:0.4.7:*:*:*:*:*:*:*
  • OR cpe:/a:ffmpeg:ffmpeg:0.4.6:*:*:*:*:*:*:*
  • OR cpe:/a:ffmpeg:ffmpeg:0.4.9:*:*:*:*:*:*:*
  • OR cpe:/a:ffmpeg:ffmpeg:0.8.7:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.mitre.oval:def:12955
    P
    		DSA-2165-1 ffmpeg-debian -- buffer overflow
    2014-06-23
    BACK
    ffmpeg ffmpeg 0.6
    microsoft windows server_2003 sp2
    microsoft windows server_2003 sp2
    microsoft windows server_2003 sp2
    microsoft windows xp sp2
    microsoft windows vista - sp1
    microsoft windows vista - sp1
    microsoft windows server 2008 -
    microsoft windows server 2008 -
    microsoft windows server 2008 -
    microsoft windows xp sp3
    microsoft windows vista - sp2
    microsoft windows vista - sp2
    microsoft windows server 2008 sp2
    microsoft windows server 2008 sp2
    microsoft windows 7 -
    microsoft windows 7 -
    microsoft windows server 2008 - r2
    microsoft windows server 2008 r2
    microsoft windows server 2008
    google chrome 8.0.549.0
    google chrome 8.0.550.0
    google chrome 8.0.551.0
    google chrome 8.0.552.0
    ffmpeg ffmpeg 0.4.8
    ffmpeg ffmpeg 0.4.7
    ffmpeg ffmpeg 0.4.6
    ffmpeg ffmpeg 0.4.9
    ffmpeg ffmpeg 0.8.7