DEBIAN-CVE-2013-0848

DEBIAN-CVE-2013-0848 PUBLISHED

The decode_init function in libavcodec/huffyuv.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via a crafted width in huffyuv data with the predictor set to median and the colorspace set to YUV422P, which triggers an out-of-bounds array access.

Affected Products

Vendor	Product	Versions
Debian:12	ffmpeg	0, 0, 0
Debian:11	ffmpeg	0, 0, 0
Debian:14	ffmpeg	0, 0, 0
Debian:13	ffmpeg	0, 0, 0

Timeline

Dec 7, 2013 CVE Published
Apr 28, 2026 CVE Updated

References

https://security-tracker.debian.org/tracker/CVE-2013-0848 advisory

Open in Interactive Console →