CVE-2016-2213

Name of the Vulnerable Software and Affected Versions FFmpeg versions prior to 2.8.6

Description The issue is caused by a buffer overflow in the jpeg2000 decode tile function of the FFmpeg library. This can be exploited by a remote attacker using specially crafted JPEG 2000 data, potentially leading to a denial of service due to out-of-bounds array read access.

Recommendations For FFmpeg versions prior to 2.8.6, update to version 2.8.6 or later to resolve the issue. As a temporary workaround, consider restricting the use of the jpeg2000 decode tile function until a patch is applied. Avoid processing untrusted JPEG 2000 data with the affected FFmpeg versions.