CVE-2014-9604
Published: 16 January 2015
libavcodec/utvideodec.c in FFmpeg before 2.5.2 does not check for a zero value of a slice height, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted Ut Video data, related to the (1) restore_median and (2) restore_median_il functions.
Priority
Status
Package | Release | Status |
---|---|---|
ffmpeg Launchpad, Ubuntu, Debian |
lucid |
Ignored
(end of life)
|
precise |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(7:2.5.1-1)
|
|
utopic |
Does not exist
|
|
vivid |
Not vulnerable
(7:2.5.4-1)
|
|
wily |
Not vulnerable
(7:2.5.4-1)
|
|
Patches: upstream: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=3881606240953b9275a247a1c98a567f3c44890f |
||
libav Launchpad, Ubuntu, Debian |
lucid |
Does not exist
|
precise |
Released
(4:0.8.17-0ubuntu0.12.04.1)
|
|
trusty |
Released
(6:9.18-0ubuntu0.14.04.1)
|
|
upstream |
Released
(0.8.17,11.3,10.6,9.18)
|
|
utopic |
Ignored
(end of life)
|
|
vivid |
Ignored
(end of life)
|
|
wily |
Does not exist
|