22 matches found
Beward N100 安全漏洞
Beward N100 is an IP video codec from the Russian open source Beward. A security vulnerability exists in Beward N100 H.264 VGA IP Camera version M2.1.6, which stems from insufficient validation of the READ.filePath parameter and could lead to the disclosure of arbitrary files...
EUVD-2015-0810
Malware in sbrugna...
EUVD-2020-5682
Malware in sbrugna...
CVE-2020-13428
A heap-based buffer overflow in the hxxxAnnexBtoxVC function in modules/packetizer/hxxxnal.c in VideoLAN VLC media player before 3.0.11 for macOS/iOS allows remote attackers to cause a denial of service application crash or execute arbitrary code via a crafted H.264 Annex-B video .avi for example...
USN-6180-1: VLC media player vulnerabilities
It was discovered that VLC could be made to read out of bounds when decoding image files. If a user were tricked into opening a crafted image file, a remote attacker could possibly use this issue to cause VLC to crash, leading to a denial of service. This issue only affected Ubuntu 16.04 LTS and...
The vulnerability of Mozilla Firefox, Mozilla Firefox ESR, and the email client Thunderbird arises from the execution of operations outside the buffer during incorrect software rendering of H.264 video. This allows an attacker to execute a DoS attack.
The vulnerability of Mozilla Firefox, Mozilla Firefox ESR, and the email client Thunderbird is related to the execution of operations outside the buffer in memory during incorrect software decoding of H.264 video files. Exploiting this vulnerability can allow an attacker to carry out a DoS attack...
SUSE CVE-2015-0797
GStreamer before 1.4.5, as used in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 on Linux, allows remote attackers to cause a denial of service buffer over-read and application crash or possibly execute arbitrary code via crafted H.264 video data in an m4v...
CVE-2020-13428
A heap-based buffer overflow in the hxxxAnnexBtoxVC function in modules/packetizer/hxxxnal.c in VideoLAN VLC media player before 3.0.11 for macOS/iOS allows remote attackers to cause a denial of service application crash or execute arbitrary code via a crafted H.264 Annex-B video .avi for example...
SUSE SLED11 / SLES11 Security Update : MozillaFirefox (SUSE-SU-2015:0978-1)
This update to Firefox 31.7.0 ESR fixes the following issues : MFSA 2015-46 CVE-2015-2708, CVE-2015-2709: Miscellaneous memory safety hazards rv:38.0 / rv:31.7. Upstream references: bmo1120655, bmo1143299, bmo1151139, bmo1152177, bmo1111251, bmo1117977, bmo1128064, bmo1135066, bmo1143194,...
CVE-2015-0797
GStreamer before 1.4.5, as used in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 on Linux, allows remote attackers to cause a denial of service buffer over-read and application crash or possibly execute arbitrary code via crafted H.264 video data in an m4v...
UBUNTU-CVE-2015-0797
GStreamer before 1.4.5, as used in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 on Linux, allows remote attackers to cause a denial of service buffer over-read and application crash or possibly execute arbitrary code via crafted H.264 video data in an m4v...
Buffer overflow parsing H.264 video with Linux Gstreamer — Mozilla
Security researcher Aki Helin used the Address Sanitizer tool to find a buffer overflow during video playback on Linux systems. This was due to a problem in older versions of the Gstreamer plugin during the parsing of H.264 formatted video. This issue could be used to induce a possibly exploitabl...
IPUX CS7522CS2330CS2030 IP Camera - UltraHVCamX.ocx ActiveX Stack Buffer Overflow
IPUX CS7522CS2330CS2030 IP Camera - UltraHVCamX.ocx ActiveX Stack Buffer Overflow IPUX CS7522/CS2330/CS2030 IP Camera UltraHVCamX.ocx ActiveX Stack Buffer Overflow Vendor: Big Good Holdings Limited | Fitivision Technology Inc. Product web page: http://www.ipux.net | http://www.fitivision.com...
CVE-2013-0867
The decodesliceheader function in libavcodec/h264.c in FFmpeg before 1.1.2 does not properly check when the pixel format changes, which allows remote attackers to have unspecified impact via crafted H.264 video data, related to an out-of-bounds array access...
Design/Logic Flaw
The decodesliceheader function in libavcodec/h264.c in FFmpeg before 1.1.2 does not properly check when the pixel format changes, which allows remote attackers to have unspecified impact via crafted H.264 video data, related to an out-of-bounds array access...
MOAB-01-01-2007: Apple Quicktime rtsp URL Handler Stack-based Buffer Overflow
Summary The following description of the software is provided by vendor Apple: QuickTime 7 makes the future of video crystal clear with new features including user-friendly controls and pristine H.264 video. Upgrade to QuickTime 7 Pro and capture your own movies, then share them with friends and...
CVE-2006-1462
Multiple integer overflows in Apple QuickTime before 7.1 allow remote attackers to execute arbitrary code via a crafted QuickTime H.264 M4V video format file...
CVE-2006-1463
Heap-based buffer overflow in Apple QuickTime before 7.1 allows remote attackers to execute arbitrary code via a H.264 M4V video format file with a certain modified size value...
Heap overflow
Heap-based buffer overflow in Apple QuickTime before 7.1 allows remote attackers to execute arbitrary code via a H.264 M4V video format file with a certain modified size value...
Integer overflow
Multiple integer overflows in Apple QuickTime before 7.1 allow remote attackers to execute arbitrary code via a crafted QuickTime H.264 M4V video format file...