6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
FFmpeg is vulnerable to denial of service (DoS) attacks and possibly other attacks. A malicious user can pass a malicious rle image file to the system that can cause an out-of-bounds array access that can cause the system to crash.
git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=f7e1367f58263593e6cee3c282f7277d7ee9d553
www.debian.org/security/2015/dsa-3288
www.securityfocus.com/bid/74433
www.ubuntu.com/usn/USN-2944-1
git.libav.org/?p=libav.git;a=blob;f=Changelog;hb=refs/tags/v11.4
security.gentoo.org/glsa/201603-06
security.gentoo.org/glsa/201705-08
www.ffmpeg.org/security.html