libavcodec/wmalosslessdec.c in FFmpeg before 2.1.4 uses an incorrect data-structure size for certain coefficients, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted WMA data.
http://git.videolan.org/?p=ffmpeg.git;a=commit;h=ec9578d54d09b64bf112c2bf7a34b1ef3b93dbd3
OR
cpe:2.3:a:ffmpeg:ffmpeg:2.0:*:*:*:*:*:*:*
cpe:2.3:a:ffmpeg:ffmpeg:2.0.1:*:*:*:*:*:*:*
cpe:2.3:a:ffmpeg:ffmpeg:2.0.2:*:*:*:*:*:*:*
cpe:2.3:a:ffmpeg:ffmpeg:2.0.3:*:*:*:*:*:*:*
cpe:2.3:a:ffmpeg:ffmpeg:2.1:*:*:*:*:*:*:*
cpe:2.3:a:ffmpeg:ffmpeg:2.1.1:*:*:*:*:*:*:*
cpe:2.3:a:ffmpeg:ffmpeg:2.1.2:*:*:*:*:*:*:*
cpe:2.3:a:ffmpeg:ffmpeg:*:*:*:*:*:*:*:* versions up to 2.1.3 (inclusive)
ID | Name | Product | Family | Severity |
---|---|---|---|---|
89899 | GLSA-201603-06 : FFmpeg: Multiple vulnerabilities | Nessus | Gentoo Local Security Checks | critical |
82449 | Mandriva Linux Security Advisory : ffmpeg (MDVSA-2015:173) | Nessus | Mandriva Local Security Checks | high |
76437 | Mandriva Linux Security Advisory : ffmpeg (MDVSA-2014:129) | Nessus | Mandriva Local Security Checks | critical |