CVE-2014-125019— FFmpeg Slice Segment decode_nal_unit memory corruption

CVSS 5.3 · Medium EPSS 0.17% · P38 Updated Apr 15, 2025

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2014-125019

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

FFmpeg Slice Segment decode_nal_unit memory corruption

Source: NVD (National Vulnerability Database)

Vulnerability Description

A vulnerability, which was classified as problematic, was found in FFmpeg 2.0. This affects the function decode_nal_unit of the component Slice Segment Handler. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. It is recommended to apply a patch to fix this issue.

Source: NVD (National Vulnerability Database)

CVSS Information

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Source: NVD (National Vulnerability Database)

Vulnerability Type

内存缓冲区边界内操作的限制不恰当

Source: NVD (National Vulnerability Database)

Vulnerability Title

FFmpeg 缓冲区错误漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

FFmpeg是Ffmpeg团队的一套可录制、转换以及流化音视频的完整解决方案。 FFmpeg 2.0 版本存在安全漏洞，该漏洞源于 decode_nal_unit 函数可能导致内存损坏。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
unspecified	FFmpeg	2.0	-

II. Public POCs for CVE-2014-125019

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2014-125019

请登录查看更多情报信息。

https://vuldb.com/?id.12297x_refsource_MISC
http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=b25e84b739x_refsource_MISC
https://nvd.nist.gov/vuln/detail/CVE-2014-125019

Same Patch Batch · unspecified · 2022-06-19 · 8 CVEs total

CVE-2014-125020	7.3 HIGH	FFmpeg decode_update_thread_context memory corruption
CVE-2014-125024	7.3 HIGH	FFmpeg lag_decode_frame memory corruption
CVE-2014-125018	5.3 MEDIUM	FFmpeg decode_slice_header memory corruption
CVE-2014-125021	5.3 MEDIUM	FFmpeg cmv_process_header memory corruption
CVE-2014-125022	5.3 MEDIUM	FFmpeg Bitstream Buffer shorten_decode_frame memory corruption
CVE-2014-125023	5.3 MEDIUM	FFmpeg Truemotion1 truemotion1_decode_header memory corruption
CVE-2014-125025	5.3 MEDIUM	FFmpeg decode_pulses memory corruption

IV. Related Vulnerabilities

Same product: FFmpeg

Same vendor: unspecified

Same weakness: CWE-119

V. Comments for CVE-2014-125019

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2014-125019— FFmpeg Slice Segment decode_nal_unit memory corruption

I. Basic Information for CVE-2014-125019

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2014-125019

III. Intelligence Information for CVE-2014-125019

Same Patch Batch · unspecified · 2022-06-19 · 8 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2014-125019

Leave a comment