Skip to main content

Out-of-bounds Write

CVE-2017-7865

Severity High
Score 9.8/10

Summary

FFmpeg prior to 2.4.14, 2.5-dev prior to 2.8.11, 2.9-dev prior to 3.0.6, 3.1-x prior to 3.1.7, 3.2-x prior to 3.2.3, and 3.3-dev has an out-of-bounds write caused by a heap-based buffer overflow related to the ipvideo_decode_block_opcode_0xA function in "libavcodec/interplayvideo.c" and the avcodec_align_dimensions2 function in "libavcodec/utils.c".

  • LOW
  • NETWORK
  • HIGH
  • UNCHANGED
  • NONE
  • NONE
  • HIGH
  • HIGH

CWE-787 - Out-of-Bounds Write

Out-of-bounds write vulnerability is a memory access bug that allows software to write data past the end or before the beginning of the intended buffer. This may result in the corruption of data, a crash, or arbitrary code execution.

Advisory Timeline

  • Published