Memory-allocation failure vulnerability in FFmpeg's ff_frame_thread_init function

Memory-allocation failure vulnerability in FFmpeg's ff_frame_thread_init function

CVE-2015-6825 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

The ff_frame_thread_init function in libavcodec/pthread_frame.c in FFmpeg before 2.7.2 mishandles certain memory-allocation failures, which allows remote attackers to cause a denial of service (invalid pointer access) or possibly have unspecified other impact via a crafted file, as demonstrated by an AVI file.

Learn more about our Web Application Penetration Testing UK.