CVE Reference: CVE-2013-3673

NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE:
CVE-2013-3673

Description:
The gif_decode_frame function in gifdec.c in libavcodec in FFmpeg before 1.2.1 does not properly manage the disposal methods of frames, which allows remote attackers to cause a denial of service (out-of-bounds array access and application crash) via crafted GIF data.

CVE Status:
Candidate

References:

CONFIRM
  http://ffmpeg.org/security.html
  http://git.videolan.org/?p=ffmpeg.git;a=commit;h=7ee5e97c46e30fb3d6f9f78cc3313dbc06528b37
  http://git.videolan.org/?p=ffmpeg.git;a=commit;h=d23b8462b5a4a9da78ed45c4a7a3b35d538df909


Return to the previous page.