QwikSec

Security Database

CVE

CWE

Training

CVE-2013-7009

Published: Dec 9, 2013

Modified: Aug 6, 2024

PUBLISHED

Description

The rpza_decode_stream function in libavcodec/rpza.c in FFmpeg before 2.1 does not properly maintain a pointer to pixel data, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted Apple RPZA data.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://github.com/FFmpeg/FFmpeg/commit/3819db745da2ac7fb3faacb116788c32f4753f34

x_refsource_CONFIRM

vendor-advisory

x_refsource_GENTOO

http://ffmpeg.org/security.html

x_refsource_CONFIRM

[oss-security] 20131208 Re: CVE Request: FFmpeg 2.1 multiple problems

mailing-list

x_refsource_MLIST

https://trac.ffmpeg.org/ticket/2850

x_refsource_CONFIRM

[oss-security] 20131126 CVE Request: FFmpeg 2.1 multiple problems

mailing-list

x_refsource_MLIST

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

CVE-2013-7009 - Security Vulnerability | QwikSec