CVE-2014-9316

Name of the Vulnerable Software and Affected Versions FFMpeg versions prior to 2.1.6 FFMpeg versions 2.2.x through 2.3.x FFMpeg versions 2.4.x prior to 2.4.4

Description The issue allows remote attackers to cause a denial of service and possibly have other unspecified impact via vectors related to LJIF tags in an MJPEG file. This is due to an out-of-bounds heap access in the mjpeg decode app function.

Recommendations For versions prior to 2.1.6, update to version 2.1.6 or later. For versions 2.2.x through 2.3.x, update to a version outside of this range. For versions 2.4.x prior to 2.4.4, update to version 2.4.4 or later.