QwikSec

Security Database

CVE

CWE

Training

CVE-2018-13301

Published: Jul 5, 2018

Modified: Aug 5, 2024

PUBLISHED

Description

In FFmpeg 4.0.1, due to a missing check of a profile value before setting it, the ff_mpeg4_decode_picture_header function in libavcodec/mpeg4videodec.c may trigger a NULL pointer dereference while converting a crafted AVI file to MPEG4, leading to a denial of service.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://github.com/FFmpeg/FFmpeg/commit/2aa9047486dbff12d9e040f917e5f799ed2fd78b

x_refsource_MISC

vdb-entry

x_refsource_BID

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.