1143 matches found
CVE-2015-6823
The allocatebuffers function in libavcodec/alac.c in FFmpeg before 2.7.2 does not initialize certain context data, which allows remote attackers to cause a denial of service segmentation violation or possibly have unspecified other impact via crafted Apple Lossless Audio Codec ALAC data...
FFmpeg 'msrle_decode_pal4' Denial of Service Vulnerability
FFmpeg is a complete solution for recording, converting and streaming audio and video from the FFmpeg team. A security vulnerability exists in FFmpeg versions prior to 2.5.6 and 2.6.2, which originates from an error in the 'msrledecodepal4' function in the libavcodec/msrledec.c file. An attacker...
DEBIAN-CVE-2015-3417
Use-after-free vulnerability in the ffh264freetables function in libavcodec/h264.c in FFmpeg before 2.3.6 allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted H.264 data in an MP4 file, as demonstrated by an HTML VIDEO element that references...
Design/Logic Flaw
Use-after-free vulnerability in the ffh264freetables function in libavcodec/h264.c in FFmpeg before 2.3.6 allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted H.264 data in an MP4 file, as demonstrated by an HTML VIDEO element that references...
Google Chrome FFmpeg Memory Misreference Vulnerability
Google Chrome is a simple and efficiently designed web browsing tool developed by Google. oogle Chrome suffers from a memory misreference vulnerability in the implementation of the libavcodec/vorbisdec.c function, which allows an attacker to build a malicious WEB page and trick the user into...
CVE-2014-7937
CVE-2014-7937 affects FFmpeg’s libavcodec/vorbisdec.c; multiple off-by-one errors can lead to a denial of service (use-after-free) or other impact via crafted Vorbis I data. The issue is present in FFmpeg versions before 2.4.2 as used by Google Chrome before 40.0.2214.91. Remediation is to upgrad...
FFmpeg 'libavcodec/utvideodec.c' Denial of Service Vulnerability
FFmpeg is a complete solution for recording, converting and streaming audio and video from the FFmpeg team. A security vulnerability exists in the FFmpeg 'libavcodec/utvideodec.c' file. As the program fails to check the height of the video cutscene. A remote attacker could exploit this...
CVE-2014-9604
libavcodec/utvideodec.c in FFmpeg before 2.5.2 does not check for a zero value of a slice height, which allows remote attackers to cause a denial of service out-of-bounds array access or possibly have unspecified other impact via crafted Ut Video data, related to the 1 restoremedian and 2...
Out-of-bounds
libavcodec/utvideodec.c in FFmpeg before 2.5.2 does not check for a zero value of a slice height, which allows remote attackers to cause a denial of service out-of-bounds array access or possibly have unspecified other impact via crafted Ut Video data, related to the 1 restoremedian and 2...
Out-of-bounds
The vmddecode function in libavcodec/vmdvideo.c in FFmpeg before 2.5.2 does not validate the relationship between a certain length value and the frame width, which allows remote attackers to cause a denial of service out-of-bounds array access or possibly have unspecified other impact via crafted...
CVE-2014-9602
libavcodec/xface.h in FFmpeg before 2.5.2 establishes certain digits and words array dimensions that do not satisfy a required mathematical relationship, which allows remote attackers to cause a denial of service out-of-bounds array access or possibly have unspecified other impact via crafted...
CVE-2014-9602
libavcodec/xface.h in FFmpeg before 2.5.2 establishes certain digits and words array dimensions that do not satisfy a required mathematical relationship, which allows remote attackers to cause a denial of service out-of-bounds array access or possibly have unspecified other impact via crafted...
CVE-2014-9602
CVE-2014-9602 affects FFmpeg’s libavcodec/xface.h prior to 2.5.2, where certain numeric and word array dimensions do not satisfy a required mathematical relationship. This enables a remote attacker to trigger a denial of service via out-of-bounds access in X-Face image data, with potential unspec...
CVE-2014-9602
libavcodec/xface.h in FFmpeg before 2.5.2 establishes certain digits and words array dimensions that do not satisfy a required mathematical relationship, which allows remote attackers to cause a denial of service out-of-bounds array access or possibly have unspecified other impact via crafted...
CVE-2014-9603
CVE-2014-9603 : In FFmpeg, the vmd_decode path in libavcodec/vmdvideo.c does not validate the relationship between a length field and the frame width, allowing remote attackers to trigger an out-of-bounds access and cause a denial of service via crafted Sierra VMD data. Affected software: FFmpeg ...
CVE-2014-9602
libavcodec/xface.h in FFmpeg before 2.5.2 establishes certain digits and words array dimensions that do not satisfy a required mathematical relationship, which allows remote attackers to cause a denial of service out-of-bounds array access or possibly have unspecified other impact via crafted...
CVE-2014-9604
libavcodec/utvideodec.c in FFmpeg before 2.5.2 does not check for a zero value of a slice height, which allows remote attackers to cause a denial of service out-of-bounds array access or possibly have unspecified other impact via crafted Ut Video data, related to the 1 restoremedian and 2...
Design/Logic Flaw
The mjpegdecodeapp function in libavcodec/mjpegdec.c in FFMpeg before 2.1.6, 2.2.x through 2.3.x, and 2.4.x before 2.4.4 allows remote attackers to cause a denial of service out-of-bounds heap access and possibly have other unspecified impact via vectors related to LJIF tags in an MJPEG file...
Design/Logic Flaw
The decodeihdrchunk function in libavcodec/pngdec.c in FFMpeg before 2.1.6, 2.2.x through 2.3.x, and 2.4.x before 2.4.4 allows remote attackers to cause a denial of service out-of-bounds heap access and possibly have other unspecified impact via an IDAT before an IHDR in a PNG file...
CVE-2014-9318
The rawdecode function in libavcodec/rawdec.c in FFMpeg before 2.1.6, 2.2.x through 2.3.x, and 2.4.x before 2.4.4 allows remote attackers to cause a denial of service out-of-bounds heap access and possibly have other unspecified impact via a crafted .cine file that triggers the avpicturegetsize...