Skip to main content

Out-of-bounds Write


Severity Medium
Score 5.5/10


A vulnerability has been found in FFmpeg 0.5 through 0.5.13, 0.6 through 0.9.3, 0.10 through 0.10.11, 0.11-dev through 0.11.4, 0.12-dev through 1.0.8, 1.1-dev through 1.1.8, 1.2-dev through 1.2.5, 1.3-dev through 2.0.3, 2.1-dev through 2.1.3 and 2.2-dev classified as problematic. This vulnerability affects the function decode_hextile of the file libavcodec/vmnc.c. The manipulation leads to memory corruption. The attack can be initiated remotely. It is recommended to apply a patch to fix this issue.

  • LOW
  • NONE
  • NONE
  • NONE
  • HIGH

CWE-787 - Out-of-Bounds Write

Out-of-bounds write vulnerability is a memory access bug that allows software to write data past the end or before the beginning of the intended buffer. This may result in the corruption of data, a crash, or arbitrary code execution.


Advisory Timeline

  • Published