The ff_rv34_decode_init_thread_copy function in libavcodec/rv34.c in FFmpeg prior to 2.7.2 does not initialize certain structure members, which allows remote malicious users to cause a denial of service (invalid pointer access) or possibly have unspecified other impact via crafted (1) RV30 or (2) RV40 RealVideo data.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
canonical ubuntu linux 12.04 |
||
ffmpeg ffmpeg |