FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

ffmpeg -- multiple vulnerabilities

Affected packages
0 <= libav
0 <= gstreamer-ffmpeg
handbrake < 1.2.0
2.8,1 <= ffmpeg < 2.8.4,1
ffmpeg < 2.7.4,1
ffmpeg26 < 2.6.6
ffmpeg25 < 2.5.9
ffmpeg24 < 2.4.12
0 <= ffmpeg-011
0 <= ffmpeg-devel
0 <= ffmpeg0
0 <= ffmpeg1
0 <= ffmpeg2
0 <= ffmpeg23
avidemux <= 2.6.11
avidemux2 <= 2.6.11
avidemux26 <= 2.6.11
kodi < 16.0
mencoder < 1.2.r20151219_1
mplayer < 1.2.r20151219_1
mythtv <= 0.27.5,1
mythtv-frontend <= 0.27.5,1
0 <= plexhometheater

Details

VuXML ID 4bae544d-06a3-4352-938c-b3bcbca89298
Discovery 2015-12-20
Entry 2015-12-28
Modified 2018-03-25

NVD reports:

The ff_dwt_decode function in libavcodec/jpeg2000dwt.c in FFmpeg before 2.8.4 does not validate the number of decomposition levels before proceeding with Discrete Wavelet Transform decoding, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted JPEG 2000 data.

The ff_get_buffer function in libavcodec/utils.c in FFmpeg before 2.8.4 preserves width and height values after a failure, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via a crafted .mov file.

References

CVE Name CVE-2015-8662
CVE Name CVE-2015-8663
URL https://ffmpeg.org/security.html
URL https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=75422280fbcdfbe9dc56bde5525b4d8b280f1bc5
URL https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=abee0a1c60612e8638640a8a3738fffb65e16dbf