FaceTime - RTP Video Processing Heap Corruption

There is a memory corruption issue when processing a malformed RTP video stream in FaceTime that leads to a kernel panic due to a corrupted heap cookie or data abort. This bug can be reached if a user accepts a call from a malicious caller. This issue only affects FaceTime on iOS, it does not cra...

Hardware Acceleration for Linux endpoints with AMD GPUs

Starting from version 2.5,HDX RTME supports hardware acceleration for video compression on Linux thin clients or fat clients with AMD GPU. Specifically, for video encoding RTME uses VCE 2.0 or higher. Video decoding has limited support because of some technical limitations, and it is disabled in...

Memory Corruption Vulnerability in AVI Video Processing by AVI Star

Video Star is a video player. A memory corruption vulnerability exists in the AVI video processing of the AVI Star player. An attacker can cause the program to crash by constructing a malformed AVI video, which if successfully exploited can lead to arbitrary code execution...

Unspecified Vulnerability in Ffmpeg (CNVD-2017-20991)

FFmpeg is a set of open source computer programs that can be used to record, convert digital audio and video to streams under the LGPL or GPL license. There is an unspecified vulnerability in Ffmpeg, and no detailed vulnerability details are provided at this time...

The vulnerability of the dnxhddecode_header function in the libavcodec/dnxhddec.c multimedia library of FFmpeg allows a attacker to cause a service failure or exert other effects.

The vulnerability of the dnxhddecodeheader function in the libavcodec/dnxhddec.c multimedia library of FFmpeg relates to reading data beyond the specified buffer boundaries. Exploiting this vulnerability may allow a malicious actor to cause service failure access outside the array or other effect...

arxius: another local file disclosure via ffmpeg

Summary The fix for https://hackerone.com/reports/242831 can be easily bypassed. It looks like you've banned file:// substring, which is not enough. Repro steps 1. Download genavi.py attached and run the script like this: python3 genavi.py /etc/passwd mustsandboxffmpeg.avi.mp4. 2. Visit...

The vulnerability of Google Chrome browser allows a perpetrator to trigger a service failure.

The vulnerability of the FFmpeg component in Google Chrome browsers arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to cause service interruptions through the use of a specially created video file...

The vulnerability of the Flash Player software, which allows a violator to execute arbitrary code

The vulnerability of the Flash Player software arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code during the processing of Flash Video files...

Google Chrome < 56.0.2924.76 Multiple Vulnerabilities

The version of Google Chrome installed on the remote Windows host is prior to 56.0.2924.76. It is, therefore, affected by multiple vulnerabilities as referenced in the 201701stable-channel-update-for-desktop advisory. - A use after free in Google Chrome prior to 56.0.2924.76 for Linux, Windows an...

PT-2017-1117 · Adobe +3 · Flash Player +3

Name of the Vulnerable Software and Affected Versions: Adobe Flash Player versions 24.0.0.186 and earlier Description: The issue is caused by a heap overflow in memory when processing Flash Video files, which can allow a remote attacker to execute arbitrary code. This can occur when handling the...

FFmpeg Denial of Service Vulnerability

FFmpeg is a complete solution for recording, converting and streaming audio and video from the FFmpeg team. A denial of service vulnerability exists in FFmpeg versions prior to 3.1.3, which allows attackers to exploit the vulnerability to cause a denial of service...

Vulnerability of the Windows operating system, allowing a perpetrator to execute arbitrary code

The vulnerability of the Windows operating system is related to deficiencies in video file processing. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely, using a specially crafted .mcl file...

FFmpeg sws_init_context Denial of Service Vulnerability

FFmpeg is a complete solution for recording, converting and streaming audio and video from the FFmpeg team. A security vulnerability exists in the 'swsinitcontext' function in the libswscale/utils.c file in versions of FFmpeg prior to 2.7.2, which stems from the program's failure to initialize th...

DEBIAN-CVE-2014-2263

The mpegtswritepmt function in the MPEG2 transport stream aka DVB muxer libavformat/mpegtsenc.c in FFmpeg, possibly 2.1 and earlier, allows remote attackers to have unspecified impact and vectors, which trigger an out-of-bounds write...

Ruby Gem kelredd-pruview 0.3.8 Command Injection

Remote command injection in Ruby Gem kelredd-pruview 0.3.8 Larry W. Cashdollar 4/4/2013 @larry0 Description: "A gem to ease generating image previews thumbnails of various files." https://rubygems.org/gems/kelredd-pruview Remote commands can be executed if the file name contains shell meta...

Windows Live Messenger < 8.1.0178 Video Processing Overflow

Binary data 4197.prm...