CVE-2014-9604

Published: 1/16/2015 Last updated: 8/6/2024 Reserved: 1/16/2015

libavcodec/utvideodec.c in FFmpeg before 2.5.2 does not check for a zero value of a slice height, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted Ut Video data, related to the (1) restore_median and (2) restore_median_il functions.

CNA assigner: mitre (8254265b-2729-46b6-b9e3-3dfca2d5bfca) Requested by: n/a

Opam packages affected (3)

conf-ffmpeg ffmpeg opus

Products affected (1)

Product	Vendor	Version
n/a	n/a	PR-S300SE/RT-S300SE/RV-S340SE firmware version Ver.19.40 and earlier

References (6)

http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=3881606240953b9275a247a1c98a567f3c44890f
http://www.ubuntu.com/usn/USN-2534-1
https://security.gentoo.org/glsa/201603-06
http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=3881606240953b9275a247a1c98a567f3c44890f
http://www.ubuntu.com/usn/USN-2534-1
https://security.gentoo.org/glsa/201603-06