EUVD-2018-21843

Allok Fast AVI MPEG Splitter 1.2 contains a stack based buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious license name string. Attackers can craft a payload with 780 bytes of junk data followed by structured shellcode and place it in the...

The vulnerability of the decoder in the MPEG-4 multimedia platform GPAC’s decoding function allows attackers to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of the decoder in the MPEG-4 multimedia platform GPAC’s decoding function is related to the lack of a mechanism for converting data types. Exploiting this vulnerability allows an attacker to gain access to confidential data, compromise its integrity, and cause service failures...

The vulnerability of the decoder in the MPEG-4 multimedia platform GPAC’s encoding function allows a perpetrator to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of the decoder in the MPEG-4 multimedia platform GPAC’s decoding function is related to the lack of verification for the result of the addition arithmetic operation. Exploiting this vulnerability allows a remote attacker to gain access to confidential data, compromise its...

The vulnerability of the HDLR decoder in the MPEG-4 multimedia platform GPAC function decoding process allows attackers to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of the HDLR decoder in the MPEG-4 multimedia platform GPAC decoding function is related to the lack of a mechanism for data type conversion. Exploiting this vulnerability allows an attacker operating remotely to gain access to confidential data, compromise its integrity, and cau...

GPAC Project Advanced Content 缓冲区错误漏洞

GPAC Project on Advanced Content is an open source cross-platform library that implements the MPEG-4 system standard and provides tools for media playback, vector graphics, and 3D rendering. an integer overflow vulnerability exists in the MPEG-4 decoding functionality in GPAC Project on Advanced...

CVE-2018-13300

In FFmpeg 3.2 and 4.0.1, an improper argument AVCodecParameters passed to the avprivrequestsample function in the handleeac3 function in libavformat/movenc.c may trigger an out-of-array read while converting a crafted AVI file to MPEG4, leading to a denial of service and possibly an information...

DEBIAN-CVE-2018-13300

In FFmpeg 3.2 and 4.0.1, an improper argument AVCodecParameters passed to the avprivrequestsample function in the handleeac3 function in libavformat/movenc.c may trigger an out-of-array read while converting a crafted AVI file to MPEG4, leading to a denial of service and possibly an information...

UBUNTU-CVE-2018-13301

In FFmpeg 4.0.1, due to a missing check of a profile value before setting it, the ffmpeg4decodepictureheader function in libavcodec/mpeg4videodec.c may trigger a NULL pointer dereference while converting a crafted AVI file to MPEG4, leading to a denial of service...

The vulnerability of the MPEG-4 AVC software platform, Flash Player, allows attackers to execute arbitrary code.

The vulnerability of the MPEG-4 AVC software platform, Flash Player, arises from an operation that occurs outside the buffer in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code memory corruption remotely...

Mozilla: Memory leak in libstagefright when deleting an array during MP4 processing (MFSA 2016-20)

Memory leak in libstagefright in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to cause a denial of service memory consumption via an MPEG-4 file that triggers a delete operation on an array...

Firefox browser’s vulnerabilities that allow a hacker to execute arbitrary code

Multiple vulnerabilities in the libstagefright library of the Firefox browser are related to integer overflows. Exploitation of these vulnerabilities could allow a malicious actor to execute arbitrary code remotely, using a specially crafted MPEG-4 video file header...