FFmpeg Multiple Vulnerabilities
Last Update Date:
15 Oct 2013 16:19
Release Date:
15 Oct 2013
3847
Views
RISK: Medium Risk
TYPE: Clients - Audio & Video
Some vulnerabilities have been reported in FFmpeg, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise an application using the library.
- Some errors within libavcodec/vmnc.c can be exploited to cause out of bounds read memory accesses.
- Some integer overflow errors within the "decode_frame()" function (libavcodec/vmnc.c) can be exploited to cause heap-based buffer overflows.
Successful exploitation of vulnerability #2 may allow execution of arbitrary code.
Impact
- Denial of Service
- Remote Code Execution
System / Technologies affected
- FFmpeg 2.x
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
- Fixed in the git repository
Vulnerability Identifier
- No CVE information is available
Source
Related Link
Share with