Buffer overflow in mjpegbdec.c in libavcodec in FFmpeg 0.7.x before 0.7.12
and 0.8.x before 0.8.11, and in Libav 0.5.x before 0.5.9, 0.6.x before
0.6.6, 0.7.x before 0.7.5, and 0.8.x before 0.8.1, allows remote attackers
to cause a denial of service (crash) and possibly execute arbitrary code
via a crafted MJPEG-B file.
Author | Note |
---|---|
mdeslaur | ffmpeg-extra in multiverse needs to have matching version libav-extra is built with tarball produced by libav package |
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 10.04 | noarch | ffmpeg | < 4:0.5.9-0ubuntu0.10.04.1 | UNKNOWN |
ubuntu | upstream | noarch | ffmpeg | < 0.5.9 | UNKNOWN |
ubuntu | upstream | noarch | ffmpeg-extra | < any | UNKNOWN |
ubuntu | 11.04 | noarch | libav | < 4:0.6.6-0ubuntu0.11.04.1 | UNKNOWN |
ubuntu | 11.10 | noarch | libav | < 4:0.7.6-0ubuntu0.11.10.1 | UNKNOWN |
ubuntu | upstream | noarch | libav | < 0.6.6,0.7.5,0.8.1 | UNKNOWN |
ubuntu | upstream | noarch | libav-extra | < any | UNKNOWN |