ffmpeg -- out-of-bounds array access

ID 80C66AF0-D1C5-449E-BD31-63B12525FF88
Type freebsd
Reporter FreeBSD
Modified 2018-03-25T00:00:00


NVD reports:

The msrle_decode_pal4 function in msrledec.c in Libav before 10.7 and 11.x before 11.4 and FFmpeg before 2.0.7, 2.2.x before 2.2.15, 2.4.x before 2.4.8, 2.5.x before 2.5.6, and 2.6.x before 2.6.2 allows remote attackers to have unspecified impact via a crafted image, related to a pixel pointer, which triggers an out-of-bounds array access.