Back to search
CVE-2013-7020
Published: Dec 9, 2013
Modified: Aug 6, 2024
PUBLISHED
Description
The read_header function in libavcodec/ffv1dec.c in FFmpeg before 2.1 does not properly enforce certain bit-count and colorspace constraints, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted FFV1 data.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
DSA-3027
vendor-advisory
x_refsource_DEBIAN
61389
third-party-advisory
x_refsource_SECUNIA
MDVSA-2014:227
vendor-advisory
x_refsource_MANDRIVA
GLSA-201603-06
vendor-advisory
x_refsource_GENTOO
http://ffmpeg.org/security.html
x_refsource_CONFIRM
[oss-security] 20131208 Re: CVE Request: FFmpeg 2.1 multiple problems
mailing-list
x_refsource_MLIST
[oss-security] 20131126 CVE Request: FFmpeg 2.1 multiple problems
mailing-list
x_refsource_MLIST
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now