CVE-2013-7013

Published: 12/9/2013 Last updated: 8/6/2024 Reserved: 12/8/2013

The g2m_init_buffers function in libavcodec/g2meet.c in FFmpeg before 2.1 uses an incorrect ordering of arithmetic operations, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted Go2Webinar data.

CNA assigner: mitre (8254265b-2729-46b6-b9e3-3dfca2d5bfca) Requested by: n/a

Opam packages affected (3)

conf-ffmpeg ffmpeg opus

Products affected (1)

Product	Vendor	Version
n/a	n/a	< e3ebc3e23bd9028a8a9a26cbc5985f99be445f65

References (12)

https://trac.ffmpeg.org/ticket/2922
https://security.gentoo.org/glsa/201603-06
http://ffmpeg.org/security.html
http://openwall.com/lists/oss-security/2013/12/08/3
https://github.com/FFmpeg/FFmpeg/commit/821a5938d100458f4d09d634041b05c860554ce0
http://openwall.com/lists/oss-security/2013/11/26/7
https://trac.ffmpeg.org/ticket/2922
https://security.gentoo.org/glsa/201603-06
http://ffmpeg.org/security.html
http://openwall.com/lists/oss-security/2013/12/08/3
https://github.com/FFmpeg/FFmpeg/commit/821a5938d100458f4d09d634041b05c860554ce0
http://openwall.com/lists/oss-security/2013/11/26/7