The decode_ihdr_chunk function in libavcodec/pngdec.c in FFMpeg prior to 2.1.6, 2.2.x up to and including 2.3.x, and 2.4.x prior to 2.4.4 allows remote malicious users to cause a denial of service (out-of-bounds heap access) and possibly have other unspecified impact via an IDAT before an IHDR in a PNG file.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ffmpeg ffmpeg 2.3 |
||
ffmpeg ffmpeg 2.3.3 |
||
ffmpeg ffmpeg 2.2 |
||
ffmpeg ffmpeg 2.4.1 |
||
ffmpeg ffmpeg 2.2.4 |
||
ffmpeg ffmpeg 2.3.5 |
||
ffmpeg ffmpeg 2.4.3 |
||
ffmpeg ffmpeg 2.4.2 |
||
ffmpeg ffmpeg 2.3.2 |
||
ffmpeg ffmpeg |
||
ffmpeg ffmpeg 2.3.4 |
||
ffmpeg ffmpeg 2.4 |