Out-of-bounds array access vulnerability in h264_slice_header_init function in FFmpeg

Out-of-bounds array access vulnerability in h264_slice_header_init function in FFmpeg

CVE-2015-8661 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

The h264_slice_header_init function in libavcodec/h264_slice.c in FFmpeg before 2.8.3 does not validate the relationship between the number of threads and the number of slices, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted H.264 data.

Learn more about our Web Application Penetration Testing UK.