The ff_mjpeg_decode_sof function in libavcodec/mjpegdec.c in FFmpeg before 2.5.4 does not validate the number of components in a JPEG-LS Start Of Frame segment, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted Motion JPEG data
Reporter | Title | Published | Views | Family All 25 |
---|---|---|---|---|
UbuntuCve | CVE-2015-1872 | 26 Jul 201500:00 | – | ubuntucve |
Cvelist | CVE-2015-1872 | 26 Jul 201522:00 | – | cvelist |
Prion | Out-of-bounds | 26 Jul 201522:59 | – | prion |
Veracode | Denial Of Service (DoS) | 9 Feb 201705:30 | – | veracode |
CVE | CVE-2015-1872 | 26 Jul 201522:59 | – | cve |
Debian CVE | CVE-2015-1872 | 26 Jul 201522:59 | – | debiancve |
OSV | libav - security update | 4 Oct 201600:00 | – | osv |
OSV | libav - security update | 31 Mar 201900:00 | – | osv |
Tenable Nessus | Debian DLA-644-1 : libav security update | 5 Oct 201600:00 | – | nessus |
Tenable Nessus | Debian DLA-1740-1 : libav security update | 1 Apr 201900:00 | – | nessus |
Source | Link |
---|---|
git | www.git.videolan.org/ |
securityfocus | www.securityfocus.com/bid/72644 |
ubuntu | www.ubuntu.com/usn/USN-2944-1 |
securitytracker | www.securitytracker.com/id/1033078 |
lists | www.lists.debian.org/debian-lts-announce/2019/03/msg00041.html |
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo