Total vulnerabilities in the database
The tak_decode_frame function in libavcodec/takdec.c in FFmpeg before 2.1.4 does not properly validate a certain bits-per-sample value, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted TAK (aka Tom's lossless Audio Kompressor) data.
| Software | From | Fixed in |
|---|---|---|
| ffmpeg / ffmpeg | 2.0 | 2.0.x |
| ffmpeg / ffmpeg | 2.0.3 | 2.0.3.x |
| ffmpeg / ffmpeg | 2.0.2 | 2.0.2.x |
| ffmpeg / ffmpeg | - | 2.1.3.x |
| ffmpeg / ffmpeg | 2.0.1 | 2.0.1.x |
| ffmpeg / ffmpeg | 2.1.1 | 2.1.1.x |
| ffmpeg / ffmpeg | 2.1 | 2.1.x |
| ffmpeg / ffmpeg | 2.1.2 | 2.1.2.x |