Launchpad CVE tracker

CVE 2016-7562

The ff_draw_pc_font function in libavcodec/cga_data.c in FFmpeg before 3.1.4 allows remote attackers to cause a denial of service (buffer overflow) via a crafted AVI file.

Related bugs and status

CVE-2016-7562 (Candidate) is related to these bugs:

Bug #1635443: Sync ffmpeg 7:3.1.5-1 (universe) from Debian unstable (main)

Summary				In	Importance	Status
	1635443	Sync ffmpeg 7:3.1.5-1 (universe) from Debian unstable (main)		ffmpeg (Ubuntu)	Wishlist	Fix Released

Bug #1647226: FFmpeg security fixes December 2016 (xenial)

Summary				In	Importance	Status
	1647226	FFmpeg security fixes December 2016 (xenial)		ffmpeg (Ubuntu Xenial)	Low	Fix Released

See the

CVE page on Mitre.org for more details.

References

MLIST: [oss-security] 2016100...
BID: 94835
GENTOO: GLSA-201701-71

Launchpad.net

CVE 2016-7562

Related bugs and status

Related bugs

References