Integer overflows in libavcodec/sanm.c in FFmpeg before 1.1.2 leading to out-of-bounds array access in LucasArts Smush video data processing

Integer overflows in libavcodec/sanm.c in FFmpeg before 1.1.2 leading to out-of-bounds array access in LucasArts Smush video data processing

CVE-2013-0862 · HIGH Severity

AV:N/AC:M/AU:N/C:C/I:C/A:C

Multiple integer overflows in the process_frame_obj function in libavcodec/sanm.c in FFmpeg before 1.1.2 allow remote attackers to have an unspecified impact via crafted image dimensions in LucasArts Smush video data, which triggers an out-of-bounds array access.

Learn more about our Web Application Penetration Testing UK.