AVG-1649 log

Package ffmpeg
Status Fixed
Severity Medium
Type arbitrary code execution
Affected 2:4.3.1-4
Fixed 2:4.3.2-1
Current 2:7.1-2 [extra]
Ticket None
Created Fri Mar 5 10:13:28 2021
Issue Severity Remote Type Description
CVE-2020-35964 Medium No Arbitrary code execution
track_header in libavformat/vividas.c in FFmpeg 4.3.1 has an out-of- bounds write because of incorrect extradata packing. The issue is fixed in FFmpeg version 4.3.2.
Date Advisory Package Type
13 Mar 2021 ASA-202103-7 ffmpeg arbitrary code execution