Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2012-0849

Integer overflow in the ff_j2k_dwt_init function in libavcodec/j2k_dwt.c in FFmpeg before 0.9.1 allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted JPEG2000 image that triggers an incorrect check for a negative value.

See the

CVE page on Mitre.org for more details.

References

MLIST: [oss-security] 2012020...
MLIST: [oss-security] 2012021...
CONFIRM: http://git.videolan.or...
CONFIRM: http://www.ffmpeg.org/...
CONFIRM: http://ffmpeg.org/secu...
XF: ffmpeg-ffj2kdwtinit-do...

Launchpad.net

CVE 2012-0849

Related bugs

References