PT-2013-3824 · FFmpeg · Ffmpeg

Published: 2013-03-09 · Updated: 2018-10-30 · CVE-2013-2496

CVSS v2.0: 7.5 (High)

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions: FFmpeg versions through 1.1.3

Description: The msrle_decode_8_16_24_32 function in msrledec.c in libavcodec does not properly determine certain end pointers. This allows remote attackers to cause a denial of service (out-of-bounds array access and application crash) or possibly have other unspecified impact via crafted Microsoft RLE data.

Recommendations: For versions through 1.1.3, consider updating to a version that addresses this issue. Affected versions may be susceptible to denial of service or other unspecified impact because of the improper handling of end pointers in the msrle_decode_8_16_24_32 function.

Fix

Buffer Overflow

Weakness Enumeration

Related Identifiers

CVE-2013-2496

Affected Products

Ffmpeg