Integer Overflow or Wraparound in rockcarry/ffjpeg

Valid
Reported on May 14th 2021

✍️ Description

An exploitable heap overflow vulnerability exists in function bmp_load() in bmp.c.

🕵️‍♂️ Proof of Concept

make
./ffjpeg -e poc

💥 Impact

This vulnerability is capable of Code execution