CVE-2013-0849

Published: 12/7/2013 Last updated: 8/6/2024 Reserved: 1/7/2013

The roq_decode_init function in libavcodec/roqvideodec.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via a crafted (1) width or (2) height dimension that is not a multiple of sixteen in id RoQ video data.

CNA assigner: Chrome (ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28) Requested by: n/a

Opam packages affected (3)

conf-ffmpeg ffmpeg opus

Products affected (2)

Product	Vendor	Version
n/a	n/a	< bc8fceda3b89006e8a7dda8a097d36045d044c25
n/a	n/a	n/a

References (12)

http://www.debian.org/security/2014/dsa-2855
http://www.ffmpeg.org/security.html
http://git.videolan.org/?p=ffmpeg.git%3Ba=commitdiff%3Bh=3ae610451170cd5a28b33950006ff0bd23036845
http://www.debian.org/security/2014/dsa-2855
http://www.ffmpeg.org/security.html
http://git.videolan.org/?p=ffmpeg.git%3Ba=commitdiff%3Bh=3ae610451170cd5a28b33950006ff0bd23036845
http://www.debian.org/security/2014/dsa-2855
http://www.ffmpeg.org/security.html
http://git.videolan.org/?p=ffmpeg.git%3Ba=commitdiff%3Bh=3ae610451170cd5a28b33950006ff0bd23036845
http://www.debian.org/security/2014/dsa-2855
http://www.ffmpeg.org/security.html
http://git.videolan.org/?p=ffmpeg.git%3Ba=commitdiff%3Bh=3ae610451170cd5a28b33950006ff0bd23036845