Numeric Errors

CVE-2014-8549

High

7.3/10

Summary

libavcodec/on2avc.c in FFmpeg 2.3 before 2.3.5, 2.4-dev before 2.4.2 and 2.5-dev does not constrain the number of channels to at most 2, which allows remote attackers to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via crafted On2 data.

Attack Complexity: LOW
Attack Vector: NETWORK
Integrity Impact: LOW
Scope: UNCHANGED
User Interaction: NONE
Privileges Required: NONE
Confidentiality Impact: LOW
Availability Impact: LOW

CWE-189 - Numeric Errors

Weaknesses in this category are related to improper calculation or conversion of numbers.

References

Advisory
Release Note

Advisory Timeline

Published Nov 05, 2014

Numeric Errors

CVE-2014-8549

Summary

CWE-189 - Numeric Errors

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS