Integer signedness error in the decode_residual_block function in cavsdec.c in libavcodec in FFmpeg before 0.7.3 and 0.8.x before 0.8.2, and libav through 0.7.1, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted Chinese AVS video (aka CAVS) file.
Vector
NETWORK
Complexity
MEDIUM
Authentication
NONE
Confidentiality
PARTIAL
Integrity
PARTIAL
Availability
PARTIAL
Codiad 1.2.1
Herac Modern Solutions TuxGuitar 0.4
Codiad 1.3.0
Codiad 1.3.1
Codiad 1.3.10
Libav Libav 0.4.9 Pre1 (not an official CPE)
Codiad 1.2.0
Codiad 1.7.5
Codiad 1.7.0
Codiad 1.6.0
Codiad 1.5.1
Libav Libav 0.3.1 (not an official CPE)
Codiad 1.8.0
Libav Libav 0.3.2 (not an official CPE)
Libav Libav 0.3.3 (not an official CPE)
Libav Libav 0.3.4 (not an official CPE)
Codiad 1.5.0
Libav Libav 0.4.7 (not an official CPE)
Codiad 1.3.2
Libav Libav 0.4.6 (not an official CPE)
Codiad 1.3.3
Libav Libav 0.4.5 (not an official CPE)
Codiad 1.3.12
Libav Libav 0.4.8 (not an official CPE)
Libav Libav 0.4.4 (not an official CPE)
Codiad 1.3.13
Codiad 1.3.11
coffee-inn Coffee Inn (aka lt.lemonlabs.android.coffeeinn) for android 2.0.1
Herac Modern Solutions TuxGuitar 0.8
Cogent Cascade DataHub 6.4.20
Herac Modern Solutions TuxGuitar 1.2
Libav Libav 0.3 (not an official CPE)
Herac Modern Solutions TuxGuitar 0.9.1
Herac Modern Solutions TuxGuitar 0.1-pre
Codiad 1.4.1
Codiad 1.4.0
Codiad 1.8.2
Codiad 1.8.1
Herac Modern Solutions TuxGuitar 0.9
Libav Libav 0.4.2 (not an official CPE)
Codiad 2.0.0
Herac Modern Solutions TuxGuitar 1.1
Libav Libav 0.4.3 (not an official CPE)
Codiad 1.9.0
Herac Modern Solutions TuxGuitar 1.0 release candidate 4
Libav Libav 0.4.0 (not an official CPE)
Codiad 1.3.8
Libav Libav 0.4.1 (not an official CPE)
Codiad 1.3.6