Описание
There exists a NULL pointer dereference in ff_vc1_parse_frame_header_adv in vc1.c in Libav 12.3, which allows attackers to cause a denial-of-service through a crafted aac file.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| libav | removed | package | ||
| libav | postponed | jessie | package |
Примечания
https://bugzilla.libav.org/show_bug.cgi?id=1136
ffmpeg PoC crash fixed but different vector:
https://git.ffmpeg.org/gitweb/ffmpeg.git/commitdiff/c79cf0129edafc388ba1c47cd7b6a620557e48de
Связанные уязвимости
There exists a NULL pointer dereference in ff_vc1_parse_frame_header_adv in vc1.c in Libav 12.3, which allows attackers to cause a denial-of-service through a crafted aac file.
There exists a NULL pointer dereference in ff_vc1_parse_frame_header_adv in vc1.c in Libav 12.3, which allows attackers to cause a denial-of-service through a crafted aac file.
There exists a NULL pointer dereference in ff_vc1_parse_frame_header_adv in vc1.c in Libav 12.3, which allows attackers to cause a denial-of-service through a crafted aac file.