Out-of-bounds Array Access Vulnerability in ljpeg_decode_yuv_scan Function in FFmpeg

Out-of-bounds Array Access Vulnerability in ljpeg_decode_yuv_scan Function in FFmpeg

CVE-2015-8216 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

The ljpeg_decode_yuv_scan function in libavcodec/mjpegdec.c in FFmpeg before 2.8.2 omits certain width and height checks, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted MJPEG data.

Learn more about our Web Application Penetration Testing UK.