mencoder: denial of service

ID ASA-201605-12
Type archlinux
Reporter Arch Linux
Modified 2016-05-07T00:00:00


A vulnerability has been discovered that is leading to a crash when playing a fuzzed gif file. The gif demuxes assumed in many places that width*height is <= INT_MAX, however this was not always true and was leading to an integer overflow.