cvedb.io
CVE-2015-3395
UNKNOWN · CVSS n/a
EPSS exploitation probability: 0%
Published 2015-06-16T16:59:04.237 · Last modified 2026-06-17T00:25:52.090

Summary

The msrle_decode_pal4 function in msrledec.c in Libav before 10.7 and 11.x before 11.4 and FFmpeg before 2.0.7, 2.2.x before 2.2.15, 2.4.x before 2.4.8, 2.5.x before 2.5.6, and 2.6.x before 2.6.2 allows remote attackers to have unspecified impact via a crafted image, related to a pixel pointer, which triggers an out-of-bounds array access.

Affected products

canonical — ubuntu_linux

Does this affect you?

Add your gear to cvedb and we'll alert you only when canonical ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.