The decode_uncompressed function in libavcodec/faxcompr.c in FFmpeg before 2.8.2 does not validate uncompressed runs, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted CCITT FAX data.
| Product | Vendor | Version |
|---|---|---|
| n/a | n/a | <=19.1.8 and <=20.0.5 |