The hevc_write_frame function in libbpg.c in libbpg 0.9.7 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) or possibly have unspecified other impact via a crafted BPG file, related to improper interaction with hls_pcm_sample in hevc.c in libavcodec in FFmpeg and put_pcm_var in hevcdsp_template.c in libavcodec in FFmpeg.
References
Link | Resource |
---|---|
https://github.com/leonzhao7/vulnerability/blob/master/An%20Out-of-Bounds%20Read%20%28DoS%29%20Vulnerability%20in%20hevc.c%20of%20libbpg.md | Exploit Third Party Advisory |
Configurations
Information
Published : 2017-09-27 18:29
Updated : 2017-09-30 03:17
NVD link : CVE-2017-14795
Mitre link : CVE-2017-14795
JSON object : View
CWE
CWE-125
Out-of-bounds Read
Products Affected
libbpg_project
- libbpg