Vulnerability CVE-2015-3395

Vulnerability Name:

CVE-2015-3395 (CCN-105034)

Assigned:

2015-03-23

Published:

2015-03-23

Updated:

2017-07-01

Summary:

The msrle_decode_pal4 function in msrledec.c in Libav before 10.7 and 11.x before 11.4 and FFmpeg before 2.0.7, 2.2.x before 2.2.15, 2.4.x before 2.4.8, 2.5.x before 2.5.6, and 2.6.x before 2.6.2 allows remote attackers to have unspecified impact via a crafted image, related to a pixel pointer, which triggers an out-of-bounds array access.

CVSS v3 Severity:

10.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Changed
Impact Metrics:	Confidentiality (C): High Integrity (I): High Availibility (A): High

CVSS v2 Severity:

6.8 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
5.0 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

10.0 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)
7.4 High (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): Complete Integrity (I): Complete Availibility (A): Complete

Vulnerability Type:

CWE-119

Vulnerability Consequences:

Unknown

References:

Source: MITRE
Type: CNA
CVE-2015-3395

Source: CCN
Type: FFmpeg GIT Repository
avcodec/msrledec: restructure msrle_decode_pal4() based on the line number instead

Source: CONFIRM
Type: UNKNOWN
http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=f7e1367f58263593e6cee3c282f7277d7ee9d553

Source: DEBIAN
Type: UNKNOWN
DSA-3288

Source: BID
Type: UNKNOWN
74433

Source: CCN
Type: BID-74433
FFmpeg 'msrledec.c' Out of Bounds Denial of Service Vulnerability

Source: UBUNTU
Type: UNKNOWN
USN-2944-1

Source: XF
Type: UNKNOWN
ffmpeg-libav-cve20153395-unspecified(105034)

Source: CONFIRM
Type: Vendor Advisory
https://git.libav.org/?p=libav.git;a=blob;f=Changelog;hb=refs/tags/v11.4

Source: GENTOO
Type: UNKNOWN
GLSA-201603-06

Source: GENTOO
Type: UNKNOWN
GLSA-201705-08

Source: CCN
Type: Debian Security Advisory DSA-3288-1 libav
DSA-3288-1 libav -- security update

Source: CONFIRM
Type: Vendor Advisory
https://www.ffmpeg.org/security.html

Source: CCN
Type: WhiteSource Vulnerability Database
CVE-2015-3395

Vulnerable Configuration:

Configuration 1:

cpe:/o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*

Configuration 2:

cpe:/a:ffmpeg:ffmpeg:2.0.6:*:*:*:*:*:*:*

OR cpe:/a:ffmpeg:ffmpeg:2.2.0:*:*:*:*:*:*:*

OR cpe:/a:ffmpeg:ffmpeg:2.2.1:*:*:*:*:*:*:*

OR cpe:/a:ffmpeg:ffmpeg:2.2.2:*:*:*:*:*:*:*

OR cpe:/a:ffmpeg:ffmpeg:2.2.3:*:*:*:*:*:*:*

OR cpe:/a:ffmpeg:ffmpeg:2.2.4:*:*:*:*:*:*:*

OR cpe:/a:ffmpeg:ffmpeg:2.2.5:*:*:*:*:*:*:*

OR cpe:/a:ffmpeg:ffmpeg:2.2.6:*:*:*:*:*:*:*

OR cpe:/a:ffmpeg:ffmpeg:2.2.7:*:*:*:*:*:*:*

OR cpe:/a:ffmpeg:ffmpeg:2.2.8:*:*:*:*:*:*:*

OR cpe:/a:ffmpeg:ffmpeg:2.2.9:*:*:*:*:*:*:*

OR cpe:/a:ffmpeg:ffmpeg:2.2.10:*:*:*:*:*:*:*

OR cpe:/a:ffmpeg:ffmpeg:2.2.11:*:*:*:*:*:*:*

OR cpe:/a:ffmpeg:ffmpeg:2.2.12:*:*:*:*:*:*:*

OR cpe:/a:ffmpeg:ffmpeg:2.2.13:*:*:*:*:*:*:*

OR cpe:/a:ffmpeg:ffmpeg:2.2.14:*:*:*:*:*:*:*

OR cpe:/a:ffmpeg:ffmpeg:2.4.0:*:*:*:*:*:*:*

OR cpe:/a:ffmpeg:ffmpeg:2.4.1:*:*:*:*:*:*:*

OR cpe:/a:ffmpeg:ffmpeg:2.4.2:*:*:*:*:*:*:*

OR cpe:/a:ffmpeg:ffmpeg:2.4.3:*:*:*:*:*:*:*

OR cpe:/a:ffmpeg:ffmpeg:2.4.4:*:*:*:*:*:*:*

OR cpe:/a:ffmpeg:ffmpeg:2.4.5:*:*:*:*:*:*:*

OR cpe:/a:ffmpeg:ffmpeg:2.4.6:*:*:*:*:*:*:*

OR cpe:/a:ffmpeg:ffmpeg:2.4.7:*:*:*:*:*:*:*

OR cpe:/a:ffmpeg:ffmpeg:2.5.0:*:*:*:*:*:*:*

OR cpe:/a:ffmpeg:ffmpeg:2.5.1:*:*:*:*:*:*:*

OR cpe:/a:ffmpeg:ffmpeg:2.5.2:*:*:*:*:*:*:*

OR cpe:/a:ffmpeg:ffmpeg:2.5.3:*:*:*:*:*:*:*

OR cpe:/a:ffmpeg:ffmpeg:2.5.4:*:*:*:*:*:*:*

OR cpe:/a:ffmpeg:ffmpeg:2.5.5:*:*:*:*:*:*:*

OR cpe:/a:ffmpeg:ffmpeg:2.6.0:*:*:*:*:*:*:*

OR cpe:/a:ffmpeg:ffmpeg:2.6.1:*:*:*:*:*:*:*

Configuration 3:

cpe:/a:libav:libav:*:*:*:*:*:*:*:* (Version <= 10.6)

OR cpe:/a:libav:libav:11.0:*:*:*:*:*:*:*

OR cpe:/a:libav:libav:11.1:*:*:*:*:*:*:*

OR cpe:/a:libav:libav:11.2:*:*:*:*:*:*:*

OR cpe:/a:libav:libav:11.3:*:*:*:*:*:*:*

Configuration CCN 1:

cpe:/a:libav:libav:10.6:*:*:*:*:*:*:*

OR cpe:/a:libav:libav:11.3:*:*:*:*:*:*:*

OR cpe:/a:ffmpeg:ffmpeg:2.0.6:*:*:*:*:*:*:*

OR cpe:/a:ffmpeg:ffmpeg:2.2.14:*:*:*:*:*:*:*

OR cpe:/a:ffmpeg:ffmpeg:2.4.7:*:*:*:*:*:*:*

OR cpe:/a:ffmpeg:ffmpeg:2.5.5:*:*:*:*:*:*:*

OR cpe:/a:ffmpeg:ffmpeg:2.6.1:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:112599	P	libav-tools-12.3-1.17 on GA media (Moderate)	2022-01-17
oval:org.opensuse.security:def:106083	P	libav-tools-12.3-1.17 on GA media (Moderate)	2021-10-01
oval:org.cisecurity:def:212	P	DSA-3288-1 -- libav -- security update	2016-02-08
oval:com.ubuntu.cosmic:def:201533950000000	V	CVE-2015-3395 on Ubuntu 18.10 (cosmic) - low.	2015-06-16
oval:com.ubuntu.artful:def:20153395000	V	CVE-2015-3395 on Ubuntu 17.10 (artful) - low.	2015-06-16
oval:com.ubuntu.trusty:def:20153395000	V	CVE-2015-3395 on Ubuntu 14.04 LTS (trusty) - low.	2015-06-16
oval:com.ubuntu.bionic:def:201533950000000	V	CVE-2015-3395 on Ubuntu 18.04 LTS (bionic) - low.	2015-06-16
oval:com.ubuntu.bionic:def:20153395000	V	CVE-2015-3395 on Ubuntu 18.04 LTS (bionic) - low.	2015-06-16
oval:com.ubuntu.xenial:def:20153395000	V	CVE-2015-3395 on Ubuntu 16.04 LTS (xenial) - low.	2015-06-16
oval:com.ubuntu.xenial:def:201533950000000	V	CVE-2015-3395 on Ubuntu 16.04 LTS (xenial) - low.	2015-06-16
oval:com.ubuntu.cosmic:def:20153395000	V	CVE-2015-3395 on Ubuntu 18.10 (cosmic) - low.	2015-06-16
oval:com.ubuntu.disco:def:201533950000000	V	CVE-2015-3395 on Ubuntu 19.04 (disco) - low.	2015-06-16
oval:com.ubuntu.precise:def:20153395000	V	CVE-2015-3395 on Ubuntu 12.04 LTS (precise) - low.	2015-06-16

BACK