CVE-2023-51793

HIGH

Ffmpeg <N113007-g8d24a28d06 - Buffer Overflow

Title source: llm

Description

Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via the libavutil/imgutils.c:353:9 in image_copy_plane.

References (7)

Core 7

Core References

Product

https://ffmpeg.org/

Issue Tracking

https://trac.ffmpeg.org/ticket/10743

Mailing List

https://lists.fedoraproject.org/archives/list/[email protected]/message/6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN/

Mailing List

https://lists.fedoraproject.org/archives/list/[email protected]/message/LE3ASLH6QF2E5OVJI5VA3JSEPJFFFMNY/

Mailing List vendor-advisory

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LE3ASLH6QF2E5OVJI5VA3JSEPJFFFMNY/

Mailing List vendor-advisory

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IPETICRXUOGRIM4U3BCRTIKE3IZWCSBT/

Mailing List vendor-advisory

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN/

Scores

CVSS v3 7.8

EPSS 0.0003

EPSS Percentile 9.7%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-120

Status published

Products (12)

ffmpeg/ffmpeg 7.0

ffmpeg/ffmpeg 7.0.1

ffmpeg/ffmpeg 7.0.2

ffmpeg/ffmpeg 7.0.3

ffmpeg/ffmpeg 7.1 (2 CPE variants)

ffmpeg/ffmpeg 7.1.1

ffmpeg/ffmpeg 7.1.2

ffmpeg/ffmpeg 7.1.3

ffmpeg/ffmpeg 7.2 dev

ffmpeg/ffmpeg 8.0

... and 2 more

Published Apr 19, 2024

Tracked Since Feb 18, 2026