sp5xdec.c in the Sunplus SP5X JPEG decoder in libavcodec in FFmpeg before 0.6.3 and libav through 0.6.2, as used in VideoLAN VLC media player 1.1.9 and earlier and other products, performs a write operation outside the bounds of an unspecified array, which allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a malformed AMV file.
References
Configurations
Configuration 1 (hide)
AND |
|
Information
Published : 2011-07-07 14:55
Updated : 2011-09-21 20:31
NVD link : CVE-2011-1931
Mitre link : CVE-2011-1931
JSON object : View
CWE
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
Products Affected
ffmpeg
- libavcodec
- ffmpeg
videolan
- vlc_media_player
libav
- libav