10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.002 Low
EPSS
Percentile
60.7%
The H.263 codec (libavcodec/h263dec.c) in FFmpeg 0.7.x before 0.7.12, 0.8.x
before 0.8.11, and unspecified versions before 0.10, and in Libav 0.5.x
before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.5, and 0.8.x before
0.8.1 has unspecified impact and attack vectors related to “width/height
changing with frame threads.”
Author | Note |
---|---|
mdeslaur | ffmpeg-extra in multiverse needs to have matching version libav-extra is built with tarball produced by libav package libav upstream says fixed multithreaded decoding which was introduced in 0.7, so older releases not affected. |