CVE-2017-14795
 
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
-Decision
Descriptions
The hevc_write_frame function in libbpg.c in libbpg 0.9.7 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) or possibly have unspecified other impact via a crafted BPG file, related to improper interaction with hls_pcm_sample in hevc.c in libavcodec in FFmpeg and put_pcm_var in hevcdsp_template.c in libavcodec in FFmpeg.
La función hevc_write_frame en libbpg.c en libbpg 0.9.7 permite que los atacantes remotos causen una denegación de servicio (lectura fuera de límites y cierre inesperado de la aplicación) o posiblemente otro impacto no especificado mediante un archivo BPG manipulado relacionado con la interacción incorrecta con hls_pcm_sample en hevc.c en libavcodec en FFmpeg y put_pcm_var en hevcdsp_template.c en libavcodec en FFmpeg.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2017-09-27 CVE Reserved
- 2017-09-27 CVE Published
- 2024-08-05 CVE Updated
- 2024-08-05 First Exploit
- 2024-12-17 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-125: Out-of-bounds Read
CAPEC
References (1)
URL | Tag | Source |
---|
URL | Date | SRC |
---|---|---|
https://github.com/leonzhao7/vulnerability/blob/master/An%20Out-of-Bounds%20Read%20%28DoS%29%20Vulnerability%20in%20hevc.c%20of%20libbpg.md | 2024-08-05 |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Libbpg Project Search vendor "Libbpg Project" | Libbpg Search vendor "Libbpg Project" for product "Libbpg" | 0.9.7 Search vendor "Libbpg Project" for product "Libbpg" and version "0.9.7" | - |
Affected
|