42 matches found
SUSE-SU-2022:3906-1 Security update for gstreamer-0_10-plugins-good
This update for gstreamer-010-plugins-good fixes the following issues: - CVE-2022-1920: Fixed an integer overflow while parsing matroska files bsc1201688. - CVE-2022-1921: Fixed an integer overflow while parsing avi files bsc1201693. - CVE-2022-1922: Fixed an integer overflow during mkv demuxing...
CVE-2022-1920
A flaw was found in GStreamer. An integer overflow can lead to a heap-based buffer overflow in the mkv demuxer when processing a specially crafted Matroska file. This vulnerability can result in application crash, memory corruption, and code execution...
Heap overflow
GStreamer before 1.18.4 might cause heap corruption when parsing certain malformed Matroska files...
CVE-2021-3497
GStreamer before 1.18.4 might access already-freed memory in error code paths when demuxing certain malformed Matroska files...
VideoLAN VLC media player buffer overflow vulnerability (CNVD-2021-03027)
VideoLAN VLC media player is a free, open source cross-platform multimedia player also a multimedia framework organized by Videolan France. The product supports the playback of a variety of media files, CD-ROMs, etc., a variety of audio and video formats WMV, MP3, etc. and so on. A buffer overflo...
VideoLAN VLC media player 缓冲区错误漏洞
VideoLAN VLC media player is a free, open source cross-platform multimedia player also a multimedia framework organized by Videolan France. The product supports the playback of a variety of media files, CD-ROMs, etc., a variety of audio and video formats WMV, MP3, etc. and so on. A buffer overflo...
CVE-2019-15232
Live555 before 2019.08.16 has a Use-After-Free because GenericMediaServer::createNewClientSessionWithId can generate the same client session ID in succession, which is mishandled by the MPEG1or2 and Matroska file demultiplexors...
DEBIAN-CVE-2019-9721
A denial of service in the subtitle decoder in FFmpeg 3.2 and 4.1 allows attackers to hog the CPU via a crafted video file in Matroska format, because handleopenbrace in libavcodec/htmlsubtitles.c has a complex format argument to sscanf...
openSUSE Security Update : libmatroska / mkvtoolnix (openSUSE-2018-1432)
This update for libmatroska, mkvtoolnix fixes the following issues : Security issue fixed : - CVE-2018-4022: Fixed use-after-free vulnerability that existed in the way MKV matroska file format was handled bsc1113709. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and...
CVE-2018-4022
A use-after-free vulnerability exists in the way MKVToolNix MKVINFO v25.0.0 handles the MKV matroska file format. A specially crafted MKV file can cause arbitrary code execution in the context of the current user...
MKVToolNix MKVINFO read_one_element code execution vulnerability
Summary A use-after-free vulnerability exists in the way MKVToolNix MKVINFO v25.0.0 handles the MKV matroska file format. A specially crafted MKV file can cause arbitrary code execution in the context of the current user. Tested Versions MKVToolNix mkvinfo v25.0.0 ‘Prog Noir’ 64-bit Product URLs...
CVE-2017-12801
The UpdateDataSize function in ebmlmaster.c in libebml2 through 2012-08-26 allows remote attackers to cause a denial of service assert fault via a crafted mkv file...
CVE-2017-12781
The EBMLBufferToID function in ebmlelement.c in libebml2 through 2012-08-26 allows remote attackers to cause a denial of service Null pointer dereference and application crash via a crafted mkv file...
libebml2 'ReadDataFloat' Function Denial of Service Vulnerability
libebml2 is an open source EBML parser written in C . A security vulnerability exists in the 'ReadDataFloat' function in the ebmlnumber.c file in libebml2 2012-08-26 and earlier versions. A remote attacker can exploit this vulnerability to cause a denial of service with the help of a specially...
mkvalidator 'Node_GetData' Function Denial of Service Vulnerability
mkvalidator is a command line tool from the Matroska team for verifying that Matroska and WebM files are canonical. A security vulnerability exists in the 'NodeGetData' function in the corec/corec/node/node.c file in mkvalidator version 0.5.1. A remote attacker can exploit this vulnerability to...
libebml2 EBML_FindNextElement Function Denial of Service Vulnerability
libebml2 is a mkv file parsing library for analyzing or parsing mkv files for playback. A denial of service vulnerability exists in the EBMLFindNextElement function in libebml2 2012-08-26 and earlier ebmlmain.c. The vulnerability can be exploited to cause a denial of service null pointer...
CVE-2014-7933
Use-after-free vulnerability in the matroskareadseek function in libavformat/matroskadec.c in FFmpeg before 2.5.1, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted Matroska file that triggers...
DEBIAN-CVE-2014-7933
Use-after-free vulnerability in the matroskareadseek function in libavformat/matroskadec.c in FFmpeg before 2.5.1, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted Matroska file that triggers...
CVE-2014-7933
Use-after-free vulnerability in the matroskareadseek function in libavformat/matroskadec.c in FFmpeg before 2.5.1, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted Matroska file that triggers...
UBUNTU-CVE-2014-7933
Use-after-free vulnerability in the matroskareadseek function in libavformat/matroskadec.c in FFmpeg before 2.5.1, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted Matroska file that triggers...