FFmpeg CVE-2017-7862 Heap Buffer Overflow Vulnerability

FFmpeg is prone to a heap-based buffer overflow vulnerability.

Attackers can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will likely cause a denial-of-service condition.

Information

Bugtraq ID: 97676
Class: Boundary Condition Error
CVE: CVE-2017-7862

Remote: Yes
Local: No
Published: Feb 07 2017 12:00AM
Updated: Apr 17 2017 10:06AM
Credit: The vendor reported this issue.
Vulnerable: FFmpeg FFmpeg 0

Not Vulnerable:

References:

• FFmpeg Homepage (FFmpeg)
  
• avcodec/pictordec: Fix logic error (GitHub)
  
• ffmpeg: Heap-buffer-overflow in decode_frame (chromium)
  

Source: www.securityfocus.com