FreeBSD : ffmpeg -- 4xm processing memory corruption vulnerability (6733e1bf-125f-11de-a964-0030843d3802)

Secunia reports : Tobias Klein has reported a vulnerability in FFmpeg, which potentially can be exploited by malicious people to compromise an application using the library. The vulnerability is caused due to a signedness error within the 'fourxmreadheader' function in libavformat/4xm.c. This can...

Integer overflow

Integer signedness error in the fourxmreadheader function in libavformat/4xm.c in FFmpeg before revision 16846 allows remote attackers to execute arbitrary code via a malformed 4X movie file with a large currenttrack value, which triggers a NULL pointer dereference...