Heap-based Buffer Overflow Vulnerabilities in ffjpeg (01.01.2021) Leading to Denial of Service

Heap-based Buffer Overflow Vulnerabilities in ffjpeg (01.01.2021) Leading to Denial of Service

CVE-2021-44956 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Two Heap based buffer overflow vulnerabilities exist in ffjpeg through 01.01.2021. It is similar to CVE-2020-23852. Issues that are in the jfif_decode function at ffjpeg/src/jfif.c (line 552) could cause a Denial of Service by using a crafted jpeg file.

Learn more about our Web Application Penetration Testing UK.