Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
In FFmpeg 3.2 and 4.0.1, an improper argument (AVCodecParameters) passed to the avpriv_request_sample function in the handle_eac3 function in libavformat/movenc.c may trigger an out-of-array read while converting a crafted AVI file to MPEG4, leading to a denial of service and possibly an information disclosure.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
FFmpeg 缓冲区错误漏洞
Vulnerability Description
FFmpeg是FFmpeg(Ffmpeg)团队的一套可录制、转换以及流化音视频的完整解决方案。 FFmpeg 4.0.1版本中的libavformat/movenc.c文件的‘handle_eac3’函数存在缓冲区错误漏洞,该漏洞该源于不正确的参数(AVCodecParameters)被传入到‘avpriv_request_sample’函数中。攻击者可借助特制的AVI文件利用该漏洞造成拒绝服务或泄露信息(数组越界读取)。
CVSS Information
N/A
Vulnerability Type
N/A