The VC-2 Video Compression encoder in FFmpeg 3.0 and 3.4 allows remote malicious users to cause a denial of service (out-of-bounds read) because of incorrect buffer padding for non-Haar wavelets, related to libavcodec/vc2enc.c and libavcodec/vc2enc_dwt.c.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ffmpeg ffmpeg 3.0 |
||
ffmpeg ffmpeg 3.4 |
||
debian debian linux 9.0 |