CVE-2013-0894

NameCVE-2013-0894
DescriptionBuffer overflow in the vorbis_parse_setup_hdr_floors function in the Vorbis decoder in vorbisdec.c in libavcodec in FFmpeg through 1.1.3, as used in Google Chrome before 25.0.1364.97 on Windows and Linux and before 25.0.1364.99 on Mac OS X and other products, allows remote attackers to cause a denial of service (divide-by-zero error or out-of-bounds array access) or possibly have unspecified other impact via vectors involving a zero value for a bark map size.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more)
NVD severityhigh (attack range: remote)
Debian Bugs703200

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
chromium-browser (PTS)wheezy, wheezy (security)37.0.2062.120-1~deb7u1fixed
jessie (security), jessie57.0.2987.98-1~deb8u1fixed
stretch62.0.3202.89-1~deb9u1fixed
stretch (security)64.0.3282.119-1~deb9u1fixed
buster62.0.3202.89-1fixed
sid66.0.3359.26-2fixed
ffmpeg (PTS)stretch (security), stretch7:3.2.10-1~deb9u1fixed
buster, sid7:3.4.2-2fixed
libav (PTS)wheezy6:0.8.17-2fixed
wheezy (security)6:0.8.21-0+deb7u1fixed
jessie6:11.11-1~deb8u1fixed
jessie (security)6:11.12-1~deb8u1fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
chromium-browsersource(unstable)25.0.1364.97-1high
chromium-browsersourcesqueeze(unfixed)end-of-life
ffmpegsource(unstable)7:2.4.1-1high
ffmpegsourcesqueeze(unfixed)end-of-life
libavsource(unstable)6:0.8.6-1high703200

Notes

[squeeze] - ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)

Search for package or bug name: Reporting problems