CVE-2018-7557

Published February 28th, 2018

View on NVD ↗

CVSS v3

6.5

MEDIUM

CVSS v2

4.3

MEDIUM

Affected

PROJECT

Description

The decode_init function in libavcodec/utvideodec.c in FFmpeg 2.8 through 3.4.2 allows remote attackers to cause a denial of service (Out of array read) via an AVI file with crafted dimensions within chroma subsampling data.

FFmpeg/FFmpeg

Mirror of https://git.ffmpeg.org/ffmpeg.git

GitHub

61.4K