Heap-based buffer overflow in the vqa_decode_chunk function in the VQA codec (vqavideo.c) in libavcodec in Libav 0.5.x prior to 0.5.9, 0.6.x prior to 0.6.6, 0.7.x prior to 0.7.6, and 0.8.x prior to 0.8.2 allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a crafted VQA media file in which the image size is not a multiple of the block size.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
libav libav 0.6.5 |
||
libav libav 0.5.6 |
||
libav libav 0.7 |
||
libav libav 0.5.7 |
||
libav libav 0.8 |
||
libav libav 0.5.3 |
||
libav libav 0.6.2 |
||
libav libav 0.5 |
||
libav libav 0.7.4 |
||
libav libav 0.7.1 |
||
libav libav 0.8.1 |
||
libav libav 0.5.2 |
||
libav libav 0.5.5 |
||
libav libav 0.6.4 |
||
libav libav 0.6.3 |
||
libav libav 0.7.2 |
||
libav libav 0.5.4 |
||
libav libav 0.7.5 |
||
libav libav 0.7.3 |
||
libav libav 0.6.1 |
||
libav libav 0.6 |
||
libav libav 0.5.1 |