2 matches found
FFmpeg 'ivr_read_header()' function denial of service vulnerability
FFmpeg is a complete solution for recording, converting and streaming audio and video from the FFmpeg team. A security vulnerability exists in the 'ivrreadheader' function in the libavformat/rmdec.c file in FFmpeg version 3.3.3, which stems from the program's failure to adequately detect EOF End ...
CVE-2017-14054
In libavformat/rmdec.c in FFmpeg 3.3.3, a DoS in ivrreadheader due to lack of an EOF End of File check might cause huge CPU consumption. When a crafted IVR file, which claims a large "len" field in the header but does not contain sufficient backing data, is provided, the first type==4 loop would...