Bug 634750 (CVE-2017-7859, CVE-2017-7863, CVE-2017-7865, CVE-2017-7866)

Description GLSAMaker/CVETool Bot 2017-10-19 03:52:52 UTC

CVE-2017-7866 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7866):
  FFmpeg before 2017-01-23 has an out-of-bounds write caused by a stack-based
  buffer overflow related to the decode_zbuf function in libavcodec/pngdec.c.

CVE-2017-7865 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7865):
  FFmpeg before 2017-01-24 has an out-of-bounds write caused by a heap-based
  buffer overflow related to the ipvideo_decode_block_opcode_0xA function in
  libavcodec/interplayvideo.c and the avcodec_align_dimensions2 function in
  libavcodec/utils.c.

CVE-2017-7863 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7863):
  FFmpeg before 2017-02-04 has an out-of-bounds write caused by a heap-based
  buffer overflow related to the decode_frame_common function in
  libavcodec/pngdec.c.

CVE-2017-7862 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7862):
  FFmpeg before 2017-02-07 has an out-of-bounds write caused by a heap-based
  buffer overflow related to the decode_frame function in
  libavcodec/pictordec.c.

CVE-2017-7859 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7859):
  FFmpeg before 2017-03-05 has an out-of-bounds write caused by a heap-based
  buffer overflow related to the ff_h264_slice_context_init function in
  libavcodec/h264dec.c.