This script is Copyright (C) 2015-2016 Tenable Network Security, Inc.
The remote FreeBSD host is missing one or more security-related
NVD reports :
The ff_dwt_decode function in libavcodec/jpeg2000dwt.c in FFmpeg
before 2.8.4 does not validate the number of decomposition levels
before proceeding with Discrete Wavelet Transform decoding, which
allows remote attackers to cause a denial of service (out-of-bounds
array access) or possibly have unspecified other impact via crafted
JPEG 2000 data.
The ff_get_buffer function in libavcodec/utils.c in FFmpeg before
2.8.4 preserves width and height values after a failure, which allows
remote attackers to cause a denial of service (out-of-bounds array
access) or possibly have unspecified other impact via a crafted .mov
See also :
Update the affected packages.
Risk factor :
High / CVSS Base Score : 7.5