Critical severity9.8NVD Advisory· Published Apr 14, 2017· Updated Jun 17, 2026
CVE-2017-7866
CVE-2017-7866
Description
FFmpeg before 2017-01-23 has an out-of-bounds write caused by a stack-based buffer overflow related to the decode_zbuf function in libavcodec/pngdec.c.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- osv-coords2 versionspkg:rpm/opensuse/ffmpeg-4&distro=openSUSE%20Tumbleweedpkg:rpm/suse/ffmpeg2&distro=SUSE%20Package%20Hub%2012%20SP1
< 4.4-5.2+ 1 more
- (no CPE)range: < 4.4-5.2
- (no CPE)range: < 2.8.11-12.1
Patches
Vulnerability mechanics
References
3- github.com/FFmpeg/FFmpeg/commit/e371f031b942d73e02c090170975561fabd5c264nvdPatchThird Party Advisory
- www.securityfocus.com/bid/97664nvdThird Party AdvisoryVDB Entry
- bugs.chromium.org/p/oss-fuzz/issues/detailnvdThird Party AdvisoryVDB Entry
News mentions
0No linked articles in our index yet.