CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
EPSS
Percentile
86.0%
Heap-based buffer overflow in the get_sot function in the J2K decoder
(j2k.c) in libavcodec in FFmpeg before 0.9.1 allows remote attackers to
cause a denial of service (application crash) via unspecified vectors
related to the curtileno variable.
Author | Note |
---|---|
jdstrand | experimental code |
mdeslaur | code not present in libav and ffmpeg 0.5.x |