Ffmpeg 'mv_read_header()' function denial of service vulnerability

FFmpeg is a complete solution for recording, converting and streaming audio and video from the FFmpeg team. A security vulnerability exists in the 'mvreadheader' function in the libavformat/mvdec.c file in FFmpeg version 3.3.3, which stems from the program's failure to adequately detect EOF End o...

CVE-2017-14055

In libavformat/mvdec.c in FFmpeg 3.3.3, a DoS in mvreadheader due to lack of an EOF End of File check might cause huge CPU and memory consumption. When a crafted MV file, which claims a large "nbframes" field in the header but does not contain sufficient backing data, is provided, the loop over t...

Design/Logic Flaw

In libavformat/mvdec.c in FFmpeg 3.3.3, a DoS in mvreadheader due to lack of an EOF End of File check might cause huge CPU and memory consumption. When a crafted MV file, which claims a large "nbframes" field in the header but does not contain sufficient backing data, is provided, the loop over t...

CVE-2017-14055

In libavformat/mvdec.c in FFmpeg 3.3.3, a DoS in mvreadheader due to lack of an EOF End of File check might cause huge CPU and memory consumption. When a crafted MV file, which claims a large "nbframes" field in the header but does not contain sufficient backing data, is provided, the loop over t...