漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Heap-memory write in FFMPEG
Vulnerability Description
A heap out-of-bounds memory write exists in FFMPEG since version 5.1. The size calculation in `build_open_gop_key_points()` goes through all entries in the loop and adds `sc->ctts_data[i].count` to `sc->sample_offsets_count`. This can lead to an integer overflow resulting in a small allocation with `av_calloc()`. An attacker can cause remote code execution via a malicious mp4 file. We recommend upgrading past commit c953baa084607dd1d84c3bfcce3cf6a87c3e6e05
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
Vulnerability Type
堆缓冲区溢出
Vulnerability Title
FFmpeg 输入验证错误漏洞
Vulnerability Description
FFmpeg是FFmpeg团队的一套可录制、转换以及流化音视频的完整解决方案。 FFmpeg 存在输入验证错误漏洞,该漏洞源于存在堆越界内存写入,攻击者利用该漏洞可以通过恶意 mp4 文件导致远程代码执行。
CVSS Information
N/A
Vulnerability Type
N/A