{"id":"CVE-2013-2277","details":"The ff_h264_decode_seq_parameter_set function in h264_ps.c in libavcodec in FFmpeg before 1.1.3 does not validate the relationship between luma depth and chroma depth, which allows remote attackers to cause a denial of service (out-of-bounds array access and application crash) or possibly have unspecified other impact via crafted H.264 data.","modified":"2026-04-10T03:44:26.606516Z","published":"2013-02-27T16:55:02Z","references":[{"type":"ADVISORY","url":"http://www.ubuntu.com/usn/USN-1790-1"},{"type":"WEB","url":"http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=bdeb61ccc67911cfc5e20c7cfb1312d0501ca90a"}],"schema_version":"1.7.5"}