CVE-2013-0866

Published: Nov 23, 2013

Modified: Aug 6, 2024

PUBLISHED

Description

The aac_decode_init function in libavcodec/aacdec.c in FFmpeg before 1.0.4 and 1.1.x before 1.1.2 allows remote attackers to have an unspecified impact via a large number of channels in an AAC file, which triggers an out-of-bounds array access.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://git.videolan.org/?p=ffmpeg.git%3Ba=commitdiff%3Bh=c459c7b23efffab762560e41ad6a2c0dbbfd4915

x_refsource_CONFIRM

DSA-2793

vendor-advisory

x_refsource_DEBIAN

http://git.videolan.org/?p=ffmpeg.git%3Ba=commitdiff%3Bh=47e462eecc0a47ad40f59376199f93f227e21d13

x_refsource_CONFIRM

http://www.ffmpeg.org/security.html

x_refsource_CONFIRM

GLSA-201603-06

vendor-advisory

x_refsource_GENTOO

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2013-0866

Description

Affected Products

References