DSA-2471-1 ffmpeg -- several issuesID: oval:org.secpod.oval:def:600804 | Date: (C)2012-05-15 (M)2023-11-09 |
Class: PATCH | Family: unix |
Several vulnerabilities have been discovered in FFmpeg, a multimedia player, server and encoder. Multiple input validations in the decoders/ demuxers for Westwood Studios VQA, Apple MJPEG-B, Theora, Matroska, Vorbis, Sony ATRAC3, DV, NSV, files could lead to the execution of arbitrary code. These issues were discovered by Aki Helin, Mateusz Jurczyk, Gynvael Coldwind, and Michael Niedermayer.