libavcodec/pngdec.c in FFmpeg before 2.4.2 accepts the monochrome-black format without verifying that the bits-per-pixel value is 1, which allows remote attackers to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via crafted PNG data.
| Product | Vendor | Version |
|---|---|---|
| n/a | n/a | 2.2.0 to 2.2.32 |