EUVD-2013-6817

Malware in sbrugna...

Heap-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow via the getsiz function in jpeg2000dec.c. An attacker can execute arbitrary code or cause a crash by supplying a crafted JPEG2000 file containing a malicious cdef atom. Remediation Upgrade ffmpeg to version 8....

FFmpeg get_siz() function denial of service vulnerability

FFmpeg is a complete solution for recording, converting and streaming audio and video from the Ffmpeg team. A denial of service vulnerability exists in the FFmpeg getsiz function, which can be exploited by attackers to cause a denial of service attack...

Memory corruption

A vulnerability was found in FFmpeg 2.0 and classified as problematic. This issue affects the function getsiz of the file libavcodec/jpeg2000dec.c. The manipulation leads to memory corruption. The attack may be initiated remotely. It is recommended to apply a patch to fix this issue...

UBUNTU-CVE-2014-125003

A vulnerability was found in FFmpeg 2.0 and classified as problematic. This issue affects the function getsiz of the file libavcodec/jpeg2000dec.c. The manipulation leads to memory corruption. The attack may be initiated remotely. It is recommended to apply a patch to fix this issue...

Out-of-bounds

The getsiz function in libavcodec/jpeg2000dec.c in FFmpeg before 2.1 does not ensure the expected sample separation, which allows remote attackers to cause a denial of service out-of-bounds array access or possibly have unspecified other impact via crafted JPEG2000 data...

CVE-2013-7016

The getsiz function in libavcodec/jpeg2000dec.c in FFmpeg before 2.1 does not ensure the expected sample separation, which allows remote attackers to cause a denial of service out-of-bounds array access or possibly have unspecified other impact via crafted JPEG2000 data...