Integer signedness error in the fourxm_read_header function in libavformat/4xm.c in FFmpeg before revision 16846 allows remote malicious users to execute arbitrary code via a malformed 4X movie file with a large current_track value, which triggers a NULL pointer dereference.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ffmpeg ffmpeg |
||
debian debian linux 5.0 |
||
debian debian linux 4.0 |
||
debian debian linux 6.0 |
||
canonical ubuntu linux 7.10 |
||
canonical ubuntu linux 8.10 |
||
canonical ubuntu linux 8.04 |
||
fedoraproject fedora 10 |
||
fedoraproject fedora 9 |