Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2013-7019

The get_cox function in libavcodec/jpeg2000dec.c in FFmpeg before 2.1 does not properly validate the reduction factor, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted JPEG2000 data.

See the

CVE page on Mitre.org for more details.

References

MLIST: [oss-security] 2013112...
MLIST: [oss-security] 2013120...
CONFIRM: http://ffmpeg.org/secu...
CONFIRM: https://github.com/FFm...
CONFIRM: https://trac.ffmpeg.or...
GENTOO: GLSA-201603-06

Launchpad.net

CVE 2013-7019

Related bugs

References