Candidate: CVE-2014-9317
PublicDate: 2014-12-09 23:59:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9317
 https://www.ffmpeg.org/security.html
Description:
 The decode_ihdr_chunk function in libavcodec/pngdec.c in FFMpeg before
 2.1.6, 2.2.x through 2.3.x, and 2.4.x before 2.4.4 allows remote attackers
 to cause a denial of service (out-of-bounds heap access) and possibly have
 other unspecified impact via an IDAT before an IHDR in a PNG file.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_ffmpeg:
 upstream: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=79ceaf827be0b070675d4cd0a55c3386542defd8
upstream_ffmpeg: needs-triage
lucid_ffmpeg: ignored (reached end-of-life)
precise_ffmpeg: DNE
trusty_ffmpeg: DNE
trusty/esm_ffmpeg: DNE
utopic_ffmpeg: DNE
vivid_ffmpeg: not-affected (7:2.5.4-1)
devel_ffmpeg: not-affected (7:2.5.4-1)