Multiple integer overflows in the process_frame_obj function in libavcodec/sanm.c in FFmpeg before 1.1.2 allow remote attackers to have an unspecified impact via crafted image dimensions in LucasArts Smush video data, which triggers an out-of-bounds array access.
Vector
NETWORK
Complexity
MEDIUM
Authentication
NONE
Confidentiality
COMPLETE
Integrity
COMPLETE
Availability
COMPLETE
FFmpeg 0.7.2
FFmpeg 0.5.4
FFmpeg FFmpeg 0.9.1
FFmpeg 0.7.3
FFmpeg 0.7.4
FFmpeg 0.3.1
FFmpeg 0.3.2
FFmpeg 0.5.1
FFmpeg 0.3.3
FFmpeg 0.5.2
FFmpeg 0.3.4
FFmpeg 1.0
FFmpeg 0.8.11
FFmpeg 0.8.5
FFmpeg 0.8.6
FFmpeg 0.8.7
FFmpeg 0.8.10
FFmpeg 0.10.4
FFmpeg 0.10.3
FFmpeg 1.0.3
FFmpeg 0.8.8
FFmpeg 1.0.2
FFmpeg 0.4.8
FFmpeg 1.0.1
FFmpeg 0.8.0
FFmpeg 0.6.2
FFmpeg 0.4.4
FFmpeg 0.8.1
FFmpeg 0.6.3
FFmpeg 0.4.5
FFmpeg 0.8.2
FFmpeg 0.4.6
FFmpeg 0.4.7
FFmpeg 0.4.0
FFmpeg 0.4.2
FFmpeg 0.6.1
FFmpeg 0.4.3
FFmpeg FFmpeg 0.9
FFmpeg 0.7.6
FFmpeg 0.8.5.4
FFmpeg 0.7.7
FFmpeg 0.4.9 pre1
FFmpeg 0.8.5.3
FFmpeg 0.7.8
FFmpeg 0.7
FFmpeg 0.5
FFmpeg 0.3
FFmpeg 0.5.4.5
FFmpeg 0.5.4.6
FFmpeg 0.6
FFmpeg 0.5.3
FFmpeg 0.7.1
FFmpeg 0.7.5
FFmpeg 0.7.12
FFmpeg 0.7.11
FFmpeg 1.1.1
FFmpeg 0.7.9
FFmpeg 0.11
FFmpeg 0.10
| Advisory | Patch | Confirmed | Link |
|---|---|---|---|
| http://www.ffmpeg.org/security.html | |||
| http://git.videolan.org/?p=ffmpeg.git;a=commit;h=f4fb841... | |||
| GLSA-201603-06 |