Integer overflow in the get_len function in libavutil/lzo.c in Libav before 0.8.13, 9.x before 9.14, and 10.x before 10.2 allows remote attackers to execute arbitrary code via a crafted Literal Run.
Software | From | Fixed in |
---|---|---|
libav / libav | - | 0.8.13 |
libav / libav | 10.0 | 10.2 |
libav / libav | 9.0 | 9.14 |