FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

ffmpeg -- multiple vulnerabilities

Affected packages
0 <= libav
0 <= gstreamer-ffmpeg
0 <= handbrake
2.8,1 <= ffmpeg < 2.8.4,1
ffmpeg < 2.7.4,1
ffmpeg26 < 2.6.6
ffmpeg25 < 2.5.9
ffmpeg24 < 2.4.12
0 <= ffmpeg-011
0 <= ffmpeg-devel
0 <= ffmpeg0
0 <= ffmpeg1
0 <= ffmpeg2
0 <= ffmpeg23
0 <= avidemux
0 <= avidemux2
0 <= avidemux26
kodi < 16.0
mencoder < 1.2.r20151219_1
mplayer < 1.2.r20151219_1
0 <= mythtv
0 <= mythtv-frontend
0 <= plexhometheater

Details

VuXML ID 4bae544d-06a3-4352-938c-b3bcbca89298
Discovery 2015-12-20
Entry 2015-12-28

NVD reports:

The ff_dwt_decode function in libavcodec/jpeg2000dwt.c in FFmpeg before 2.8.4 does not validate the number of decomposition levels before proceeding with Discrete Wavelet Transform decoding, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted JPEG 2000 data.

The ff_get_buffer function in libavcodec/utils.c in FFmpeg before 2.8.4 preserves width and height values after a failure, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via a crafted .mov file.

References

CVE Name CVE-2015-8662
CVE Name CVE-2015-8663
URL https://ffmpeg.org/security.html
URL https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=75422280fbcdfbe9dc56bde5525b4d8b280f1bc5
URL https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=abee0a1c60612e8638640a8a3738fffb65e16dbf