CVE-2014-9676

2015-02-28T01:59:00
ID CVE-2014-9676
Type cve
Reporter cve@mitre.org
Modified 2016-11-30T02:59:00

Description

The seg_write_packet function in libavformat/segment.c in ffmpeg 2.1.4 and earlier does not free the correct memory location, which allows remote attackers to cause a denial of service ("invalid memory handler") and possibly execute arbitrary code via a crafted video that triggers a use after free. <a href="http://cwe.mitre.org/data/definitions/416.html">CWE-416: Use After Free</a>