CVE-2017-7859

Name of the Vulnerable Software and Affected Versions FFmpeg versions prior to 2017-03-05

Description The issue is caused by a heap-based buffer overflow related to the ff h264 slice context init function in libavcodec/h264dec.c. This can lead to an out-of-bounds write. The vulnerability may allow a remote attacker to exploit the buffer overflow, potentially enabling them to write beyond the memory boundaries.

Recommendations For FFmpeg versions prior to 2017-03-05, update to a version released after 2017-03-05 to resolve the issue. As a temporary workaround, consider restricting access to the ff h264 slice context init function in libavcodec/h264dec.c until a patch is applied.