Skip to main content

Out-of-bounds Write

CVE-2019-17542

Severity High
Score 9.8/10

Summary

FFmpeg prior to 2.8.19, 3.2.x prior to 3.2.17, 3.3.x prior to 3.4.10, 4.1.x prior to 4.1.7, 4.2-dev, and 4.3-dev has a heap-based buffer overflow in vqa_decode_chunk because of an out-of-array access in vqa_decode_init in "libavcodec/vqavideo.c".

  • LOW
  • NETWORK
  • HIGH
  • UNCHANGED
  • NONE
  • NONE
  • HIGH
  • HIGH

CWE-787 - Out-of-Bounds Write

Out-of-bounds write vulnerability is a memory access bug that allows software to write data past the end or before the beginning of the intended buffer. This may result in the corruption of data, a crash, or arbitrary code execution.

Advisory Timeline

  • Published