CVE Reference: CVE-2013-3671

NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE:
CVE-2013-3671

Description:
The format_line function in log.c in libavutil in FFmpeg before 1.2.1 uses inapplicable offset data during a certain category calculation, which allows remote attackers to cause a denial of service (invalid pointer dereference and application crash) via crafted data that triggers a log message.

CVE Status:
Candidate

References:

CONFIRM
  http://ffmpeg.org/security.html
  http://git.videolan.org/?p=ffmpeg.git;a=commit;h=7edb984dd051b6919d7d8471c70499273f31b0fa
  http://git.videolan.org/?p=ffmpeg.git;a=commit;h=cc0dd86580b3257f22a4981a79eb5fa6804182b6


Return to the previous page.