Buffer overflow in the vorbis_parse_setup_hdr_floors function in the Vorbis decoder in vorbisdec.c in libavcodec in FFmpeg up to and including 1.1.3, as used in Google Chrome prior to 25.0.1364.97 on Windows and Linux and prior to 25.0.1364.99 on Mac OS X and other products, allows remote malicious users to cause a denial of service (divide-by-zero error or out-of-bounds array access) or possibly have unspecified other impact via vectors involving a zero value for a bark map size.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
google chrome |
||
ffmpeg ffmpeg |
||
opensuse opensuse 12.2 |
||
opensuse opensuse 12.1 |
||
canonical ubuntu linux 12.10 |
||
canonical ubuntu linux 12.04 |