Wind River Support Network

HomeDefectsLIN6-7889

Fixed

LIN6-7889 : Security Advisory - ffmpeg - CVE-2013-0855

Created: Jul 7, 2014 Updated: Dec 3, 2018

Resolved Date: Jul 7, 2014

Previous ID: LIN5-19030

Found In Version: 6.0.0.10

Fix Version: 6.0.0.10

Severity: Severe

Applicable for: Wind River Linux 6

Component/s: Userspace

Description

Integer overflow in the alac_decode_close function in libavcodec/alac.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via a large number of samples per frame in Apple Lossless Audio Codec (ALAC) data, which triggers an out-of-bounds array access.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0855

Workaround

Unknown

Steps to Reproduce

Unknown

Other Downloads

Wind River Linux 6.0.0.29
Wind River Linux 6.0.0.30
Wind River Linux 6.0.0.31
Wind River Linux 6.0.0.32
Wind River Linux 6.0.0.33
Wind River Linux 6.0.0.34
Wind River Linux 6.0.0.35
Wind River Linux 6.0.0.36
Wind River Linux 6.0.0.37
Wind River Linux 6.0.0.38