Lucene search
+L

96 matches found

VulnCheck KEV
VulnCheck KEV
added 2012/10/18 12:0 a.m.3 views

VulnCheck KEV: CVE-2009-0084

Use-after-free vulnerability in DirectShow in Microsoft DirectX 8.1 and 9.0 allows remote attackers to execute arbitrary code via an MJPEG file or video stream with a malformed Huffman table, which triggers an exception that frees heap memory that is later accessed, aka "MJPEG Decompression...

9.3CVSS6.2AI score0.31808EPSS
Exploits1References1
NVD
NVD
added 2012/08/20 6:55 p.m.22 views

CVE-2011-3947

Buffer overflow in mjpegbdec.c in libavcodec in FFmpeg 0.7.x before 0.7.12 and 0.8.x before 0.8.11, and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.5, and 0.8.x before 0.8.1, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a...

6.8CVSS7.6AI score0.03937EPSS
Exploits0References7
OSV
OSV
added 2012/08/20 6:55 p.m.12 views

CVE-2011-3947

Buffer overflow in mjpegbdec.c in libavcodec in FFmpeg 0.7.x before 0.7.12 and 0.8.x before 0.8.11, and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.5, and 0.8.x before 0.8.1, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a...

7.6AI score
Exploits0References7
Prion
Prion
added 2012/08/20 6:55 p.m.29 views

Buffer overflow

Buffer overflow in mjpegbdec.c in libavcodec in FFmpeg 0.7.x before 0.7.12 and 0.8.x before 0.8.11, and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.5, and 0.8.x before 0.8.1, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a...

6.8CVSS8.3AI score0.03937EPSS
Exploits0References7Affected Software2
Debian CVE
Debian CVE
added 2012/08/20 6:0 p.m.41 views

CVE-2011-3947

Buffer overflow in mjpegbdec.c in libavcodec in FFmpeg 0.7.x before 0.7.12 and 0.8.x before 0.8.11, and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.5, and 0.8.x before 0.8.1, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a...

6.8CVSS9.7AI score0.03937EPSS
Exploits0
CVE
CVE
added 2012/08/20 6:0 p.m.79 views

CVE-2011-3947

CVE-2011-3947 describes a buffer overflow in mjpegbdec.c of FFmpeg/libavcodec that can be triggered by a crafted MJPEG-B file. Affected components/versions include FFmpeg 0.7.x before 0.7.12 and 0.8.x before 0.8.11, and Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.5, and 0.8.x b...

6.8CVSS9.4AI score0.03937EPSS
Exploits0References7Affected Software1
Cvelist
Cvelist
added 2012/08/20 6:0 p.m.31 views

CVE-2011-3947

Buffer overflow in mjpegbdec.c in libavcodec in FFmpeg 0.7.x before 0.7.12 and 0.8.x before 0.8.11, and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.5, and 0.8.x before 0.8.1, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a...

9.6AI score0.03937EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2012/06/19 12:0 a.m.35 views

Ubuntu 11.04 / 11.10 / 12.04 LTS : libav vulnerabilities (USN-1478-1)

Mateusz Jurczyk and Gynvael Coldwind discovered that Libav incorrectly handled certain malformed DV files. If a user were tricked into opening a crafted DV file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user...

6.8CVSS8.7AI score0.04686EPSS
Exploits2References17
Ubuntu
Ubuntu
added 2012/06/18 12:42 p.m.75 views

USN-1478-1: Libav vulnerabilities

Mateusz Jurczyk and Gynvael Coldwind discovered that Libav incorrectly handled certain malformed DV files. If a user were tricked into opening a crafted DV file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user...

6.8CVSS8.8AI score0.04686EPSS
Exploits2
securityvulns
securityvulns
added 2012/06/17 12:0 a.m.57 views

ffmpeg library multiple security vulnerabilities

Multiple security vulnerabilities on Westwood Studios VQA, Apple MJPEG-B, Theora, Matroska, Vorbis, Sony ATRAC3, DV, NSV parsing...

10CVSS3.2AI score0.04686EPSS
Exploits3References2Affected Software1
UbuntuCve
UbuntuCve
added 2012/05/13 12:0 a.m.33 views

CVE-2011-3947

Buffer overflow in mjpegbdec.c in libavcodec in FFmpeg 0.7.x before 0.7.12 and 0.8.x before 0.8.11, and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.5, and 0.8.x before 0.8.1, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a...

6.8CVSS7.5AI score0.03937EPSS
Exploits0References3
seebug.org
seebug.org
added 2010/06/10 12:0 a.m.30 views

Windows媒体解压多个远程代码执行漏洞(MS10-033)

BUGTRAQ ID: 40464,40432 CVE ID: CVE-2010-1879,CVE-2010-1880 Windows是微软发布的非常流行的操作系统。 Windows中的多个多媒体处理组件在处理媒体文件时没有正确地解析其中的压缩数据,如果用户打开了特制的媒体文件,就可能允许远程代码执行。如果用户以管理权限登录,则成功利用此漏洞的攻击者可以完全控制受影响的系统。 Microsoft DirectX 9.0 Microsoft Media Format Runtime 9.5 x64 Microsoft Media Format Runtime 9.5 Microsoft...

9.3CVSS6.8AI score0.21221EPSS
Exploits1
NVD
NVD
added 2010/06/08 10:30 p.m.25 views

CVE-2010-1880

Unspecified vulnerability in Quartz.dll for DirectShow on Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista SP1, and Server 2008 allows remote attackers to execute arbitrary code via a media file with crafted compression data, aka "MJPEG Media Decompression Vulnerability."...

9.3CVSS7.4AI score0.21221EPSS
Exploits1References4
Prion
Prion
added 2010/06/08 10:30 p.m.14 views

Design/Logic Flaw

Unspecified vulnerability in Quartz.dll for DirectShow on Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista SP1, and Server 2008 allows remote attackers to execute arbitrary code via a media file with crafted compression data, aka "MJPEG Media Decompression Vulnerability."...

9.3CVSS8AI score0.21221EPSS
Exploits1References4Affected Software1
Check Point Advisories
Check Point Advisories
added 2010/06/08 12:0 a.m.2 views

Microsoft DirectShow MJPEG Crafted Segments Code Execution (MS10-033; CVE-2010-1880)

Microsoft DirectShow is used for streaming media on Microsoft Windows operating systems. It is used for high-quality capture and playback of multimedia streams. Audio Video Interleave AVI is a file type that is used with applications that capture, edit, and play back audio-video sequences. A remo...

9.3CVSS7.5AI score0.21221EPSS
Exploits1
securityvulns
securityvulns
added 2010/06/08 12:0 a.m.57 views

Microsoft Windows media files parsing memroy corruption

Memory corruption on JPEG / MJPEG parsing...

9.3CVSS4.6AI score0.21221EPSS
Exploits1References1Affected Software1
securityvulns
securityvulns
added 2010/04/05 12:0 a.m.52 views

ZDI-10-037: Apple QuickTime MJPEG Sample Dimensions Remote Code Execution Vulnerability

ZDI-10-037: Apple QuickTime MJPEG Sample Dimensions Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-037 April 2, 2010 -- CVE ID: CVE-2010-0517 -- Affected Vendors: Apple -- Affected Products: Apple Quicktime -- TippingPointTM IPS Customer Protection:...

6.8CVSS0.6AI score0.04701EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
added 2010/04/02 12:0 a.m.30 views

Apple QuickTime MJPEG Sample Dimensions Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists during the parsing of...

10CVSS3.1AI score0.04701EPSS
Exploits0References1
Check Point Advisories
Check Point Advisories
added 2010/02/14 12:0 a.m.25 views

Microsoft DirectX Crafted MJPEG Stream Handling Code Execution (MS08-033; CVE-2008-0011)

Microsoft DirectX is a software component which contains a set of APIs that provide access to graphics acceleration chips and sound cards and other types of media hardware. These APIs control low-level functions including graphics acceleration, support for input devices such as joysticks,...

9.3CVSS7.5AI score0.31589EPSS
Exploits1
seebug.org
seebug.org
added 2009/04/16 12:0 a.m.32 views

Microsoft DirectX MJPEG视频解码远程代码执行漏洞(MS09-011)

BUGTRAQ ID: 34460 CVECAN ID: CVE-2009-0084 Microsoft DirectX是Windows操作系统中的一项功能,流媒体在玩游戏或观看视频时通过这个功能支持图形和声音。 DirectX处理受支持格式文件的方式存在漏洞,如果用户受骗打开了特制的MJPEG文件就会导致执行任意代码。成功利用此漏洞的攻击者可以完全控制受影响的系统,攻击者可随后安装程序;查看、更改或删除数据;或者创建拥有完全用户权限的新帐户。 Microsoft DirectX 9.0 Microsoft DirectX 8.1 临时解决方法:...

9.3CVSS6.8AI score0.31808EPSS
Exploits1
Rows per page
Query Builder