CVE-2014-2098

libavcodec/wmalosslessdec.c en FFmpeg anterior a 2.1.4 utiliza un tamaño de estructura de datos incorrecto para ciertos coeficientes, lo que permite a atacantes remotos causar una denegación de servicio (corrupción de memoria) o posiblemente tener otro impacto no especificado a través de datos WMA manipulados.

Multiple unspecified vulnerabilities in libavcodec/wmalosslessdec.c in FFmpeg before 0.11 have unknown impact and attack vectors related to in decode_ac_filter, and (3) too many bits in decode_channel_residues(). libavcodec/wmalosslessdec.c in FFmpeg before 2.1.4 uses an incorrect data-structure size for certain coefficients, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted WMA data. The msrle_decode_frame function in libavcodec/msrle.c in FFmpeg before 2.1.4 does not properly calculate line sizes, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted Microsoft RLE video data. The mpegts_write_pmt function in the MPEG2 transport stream muxer in FFmpeg, possibly 2.1 and earlier, allows remote attackers to have unspecified impact and vectors, which trigger an out-of-bounds write. A use-after-free vulnerability in FFmpeg before 1.1.9 involving seek operations on video data could allow remote attackers to cause a denial of service. An integer overflow can occur when processing any variant of a literal run in the av_lzo1x_decode function. The updated packages have been upgraded to the 0.10.14 version which is not vulnerable to these issues.