CVE-2013-2276

Published: 2/27/2013 Last updated: 9/17/2024 Reserved: 2/26/2013

The avcodec_decode_audio4 function in utils.c in libavcodec in FFmpeg before 1.1.3 does not verify the decoding state before proceeding with certain skip operations, which allows remote attackers to cause a denial of service (out-of-bounds array access and application crash) or possibly have unspecified other impact via crafted audio data.

CNA assigner: mitre (8254265b-2729-46b6-b9e3-3dfca2d5bfca) Requested by: n/a

Opam packages affected (3)

conf-ffmpeg ffmpeg opus

Products affected (1)

Product	Vendor	Version
n/a	n/a	n/a

References (2)

http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=8a6449167a6da8cb747cfe3502ae86ffaac2ed48
http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=8a6449167a6da8cb747cfe3502ae86ffaac2ed48