A heap based buffer overflow vulnerability exists in ffjpeg through 2020-07-02 in the jfif_decode(void *ctxt, BMP *pb) function at ffjpeg/src/jfif.c (line 544 & line 545), which could cause a denial of service by submitting a malicious jpeg image.
References
Link | Resource |
---|---|
https://github.com/rockcarry/ffjpeg/issues/28 | Exploit Third Party Advisory |
Configurations
Information
Published : 2021-05-18 08:15
Updated : 2021-05-24 13:20
NVD link : CVE-2020-23852
Mitre link : CVE-2020-23852
JSON object : View
CWE
CWE-787
Out-of-bounds Write
Products Affected
ffjpeg_project
- ffjpeg