Out-of-bounds Access Vulnerability in FFmpeg's PNG Decoder

Out-of-bounds Access Vulnerability in FFmpeg's PNG Decoder

CVE-2014-8545 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

libavcodec/pngdec.c in FFmpeg before 2.4.2 accepts the monochrome-black format without verifying that the bits-per-pixel value is 1, which allows remote attackers to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via crafted PNG data.

Learn more about our Cis Benchmark Audit For Google Chrome.