Integer overflow in the ape_decode_frame function in libavcodec/apedec.c in FFmpeg 2.4 up to and including 3.3.2 allows remote malicious users to cause a denial of service (out-of-array access and application crash) or possibly have unspecified other impact via a crafted APE file.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ffmpeg ffmpeg |