The mov_read_dref function in libavformat/mov.c in Libav prior to 11.7 and FFmpeg prior to 0.11 allows remote malicious users to cause a denial of service (memory corruption) or execute arbitrary code via the entries value in a dref box in an MP4 file.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
libav libav |
||
ffmpeg ffmpeg |
||
debian debian linux |
||
opensuse leap 42.1 |