2 matches found
CVE-2017-9995
libavcodec/scpr.c in FFmpeg 3.3 before 3.3.1 does not properly validate height and width data, which allows remote attackers to cause a denial of service heap-based buffer overflow and application crash or possibly have unspecified other impact via a crafted file...
CVE-2017-9995
FFmpeg 3.3 before 3.3.1 contains a heap-based buffer overflow in libavcodec/scpr.c due to improper validation of height and width in crafted files, enabling a remote attacker to cause denial of service (application crash). Affected component: FFmpeg’s libavcodec/scpr.c; root cause: inadequate bou...