DEPRECATED: Code
CVE-2015-8216
Summary
The "ljpeg_decode_yuv_scan" function in "libavcodec/mjpegdec.c" in FFmpeg before 2.4.12, 2.5.x before 2.5.9, 2.6.x before 2.6.5, 2.7.x before 2.7.3, 2.8.x before 2.8.2, 2.9-dev omits certain width and height checks, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted MJPEG data.
- LOW
- NETWORK
- HIGH
- UNCHANGED
- REQUIRED
- NONE
- HIGH
- HIGH
CWE-17 - DEPRECATED: Code
This entry has been deprecated. It was originally used for organizing the Development View (CWE-699) and some other views, but it introduced unnecessary complexity and depth to the resulting tree.
References
Advisory Timeline
- Published