1143 matches found
CVE-2013-7014
Integer signedness error in the addbytesl2c function in libavcodec/pngdsp.c in FFmpeg before 2.1 allows remote attackers to cause a denial of service out-of-bounds array access or possibly have unspecified other impact via crafted PNG data...
Out-of-bounds
The getcox function in libavcodec/jpeg2000dec.c in FFmpeg before 2.1 does not properly validate the reduction factor, which allows remote attackers to cause a denial of service out-of-bounds array access or possibly have unspecified other impact via crafted JPEG2000 data...
Code injection
The diracunpackidwtparams function in libavcodec/diracdec.c in FFmpeg before 0.10 allows remote attackers to have an unspecified impact via crafted Dirac data...
CVE-2013-7009
The rpzadecodestream function in libavcodec/rpza.c in FFmpeg before 2.1 does not properly maintain a pointer to pixel data, which allows remote attackers to cause a denial of service out-of-bounds array access or possibly have unspecified other impact via crafted Apple RPZA data...
CVE-2013-7017
libavcodec/jpeg2000.c in FFmpeg before 2.1 allows remote attackers to cause a denial of service invalid pointer dereference or possibly have unspecified other impact via crafted JPEG2000 data...
Null pointer dereference
libavcodec/jpeg2000.c in FFmpeg before 2.1 allows remote attackers to cause a denial of service invalid pointer dereference or possibly have unspecified other impact via crafted JPEG2000 data...
CVE-2013-7018
libavcodec/jpeg2000dec.c in FFmpeg before 2.1 does not ensure the use of valid code-block dimension values, which allows remote attackers to cause a denial of service out-of-bounds array access or possibly have unspecified other impact via crafted JPEG2000 data...
Out-of-bounds
The rpzadecodestream function in libavcodec/rpza.c in FFmpeg before 2.1 does not properly maintain a pointer to pixel data, which allows remote attackers to cause a denial of service out-of-bounds array access or possibly have unspecified other impact via crafted Apple RPZA data...
Integer overflow
Integer signedness error in the addbytesl2c function in libavcodec/pngdsp.c in FFmpeg before 2.1 allows remote attackers to cause a denial of service out-of-bounds array access or possibly have unspecified other impact via crafted PNG data...
CVE-2013-7016
The getsiz function in libavcodec/jpeg2000dec.c in FFmpeg before 2.1 does not ensure the expected sample separation, which allows remote attackers to cause a denial of service out-of-bounds array access or possibly have unspecified other impact via crafted JPEG2000 data...
CVE-2011-3950
The diracdecodedataunit function in libavcodec/diracdec.c in FFmpeg before 0.10 allows remote attackers to have an unspecified impact via a crafted value in the reference pictures number...
DEBIAN-CVE-2011-3946
The ffh264decodesei function in libavcodec/h264sei.c in FFmpeg before 0.10 allows remote attackers to have an unspecified impact via crafted Supplemental enhancement information SEI data, which triggers an infinite loop...
CVE-2011-3944
The smackerdecodeheadertree function in libavcodec/smacker.c in FFmpeg before 0.10 allows remote attackers to have an unspecified impact via crafted Smacker data...
CVE-2011-3941
The decodemb function in libavcodec/errorresilience.c in FFmpeg before 0.10 allows remote attackers to have an unspecified impact via vectors related to an uninitialized block index, which triggers an out-of-bounds write...
DEBIAN-CVE-2011-3934
Double free vulnerability in the vp3updatethreadcontext function in libavcodec/vp3.c in FFmpeg before 0.10 allows remote attackers to have an unspecified impact via crafted vp3 data...
CVE-2011-3934
Double free vulnerability in the vp3updatethreadcontext function in libavcodec/vp3.c in FFmpeg before 0.10 allows remote attackers to have an unspecified impact via crafted vp3 data...
CVE-2013-7019
CVE-2013-7019 affects FFmpeg up to version 2.1, where get_cox in libavcodec/jpeg2000dec.c fails to validate the reduction factor, enabling an out-of-bounds access in crafted JPEG2000 data and potentially causing a denial of service or other impact. The issue is documented across multiple feeds (N...
CVE-2013-7009
FFmpeg: CVE-2013-7009 affects the rpza_decode_stream function in libavcodec/rpza.c, where improper maintenance of the pixel data pointer in FFmpeg before 2.1 can cause out-of-bounds access and a denial-of-service via crafted Apple RPZA data. Exploitation is remote and depends on parsing RPZA data...
CVE-2011-3949
CVE-2011-3949 affects FFmpeg: the dirac_unpack_idwt_params function in libavcodec/diracdec.c (FFmpeg prior to 0.10) can be triggered by crafted Dirac data to cause an unspecified impact. The connected advisories reiterate the exact description and note that remediation involves upgrading FFmpeg. ...
CVE-2013-7010
FFmpeg/libavcodec/dsputil.c contains integer signedness errors in FFmpeg before 2.1, allowing remote attackers to cause a denial of service via crafted data (out-of-bounds access). The issue is documented across multiple advisories (Debian DSA-2855-1, Gentoo GLSA 201603-06) with remediation guida...