Описание
libavcodec/scpr.c in FFmpeg 3.3 before 3.3.1 does not properly validate height and width data, which allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted file.
Ссылки
- Third Party AdvisoryVDB Entry
- Issue TrackingThird Party Advisory
- Issue TrackingThird Party Advisory
- Issue TrackingPatchThird Party Advisory
- Issue TrackingPatchThird Party Advisory
- Third Party AdvisoryVDB Entry
- Issue TrackingThird Party Advisory
- Issue TrackingThird Party Advisory
- Issue TrackingPatchThird Party Advisory
- Issue TrackingPatchThird Party Advisory
Уязвимые конфигурации
EPSS
7.8 High
CVSS3
6.8 Medium
CVSS2
Дефекты
Связанные уязвимости
libavcodec/scpr.c in FFmpeg 3.3 before 3.3.1 does not properly validate height and width data, which allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted file.
libavcodec/scpr.c in FFmpeg 3.3 before 3.3.1 does not properly validat ...
libavcodec/scpr.c in FFmpeg 3.3 before 3.3.1 does not properly validate height and width data, which allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted file.
EPSS
7.8 High
CVSS3
6.8 Medium
CVSS2