14 matches found
Linux Distros Unpatched Vulnerability : CVE-2016-2428
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libAACdec/src/aacdecdrc.cpp in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 does not properly limi...
CVE-2020-0103
In a2dpaacdecodercleanup of a2dpaacdecoder.cc, there is a possible invalid free due to memory corruption. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-9Android...
FAAD2: Multiple Vulnerabilities
Background FAAD2 is an open source MPEG-4 and MPEG-2 AAC decoder. Description Multiple vulnerabilities have been discovered in FAAD2. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known...
Faad2 Buffer Error Vulnerability
Faad2 is a freeware Advanced Audio Aac decoder. It is used for Sbr decoding. A security vulnerability exists in Faad2 version v.2.10.1, which stems from the presence of a buffer overflow vulnerability that could allow a remote attacker to execute arbitrary code and cause a denial of service...
SUSE CVE-2016-9561
The checonfigure function in libavcodec/aacdectemplate.c in FFmpeg before 3.2.1 allows remote attackers to cause a denial of service allocation of huge memory, and being killed by the OS via a crafted MOV file...
FAAD2 Heap Buffer Overflow Vulnerability (CNVD-2021-89952)
Freeware Advanced Audio Decoder 2 FAAD2 is an open source MPEG-4 and MPEG-2 AAC decoder licensed under the GPLv2 license. sbrqmfsynthesis64 function in sbrqmf.c in FAAD2 2.10.0 and earlier versions is vulnerable to a heap buffer overflow vulnerability. An attacker could exploit this vulnerability...
CVE-2020-0103
In a2dpaacdecodercleanup of a2dpaacdecoder.cc, there is a possible invalid free due to memory corruption. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-9Android...
The vulnerability of the CAacDecoder_Init function in the Android operating system allows a hacker to execute arbitrary code.
The vulnerability of the CAacDecoderInit function aacdecoder.cpp in the Android operating system is related to the execution of operations outside of the buffer in memory. Exploiting this vulnerability could allow an attacker to execute arbitrary code...
CVE-2018-9550
In CAacDecoderInit of aacdecoder.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-9. Android ID:...
CVE-2018-9550
In CAacDecoderInit of aacdecoder.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-9. Android ID:...
Libav Denial of Service Vulnerability (CNVD-2018-07428)
Libav is an open source audio and video processing tools , providing for conversion , manipulation and streaming of various multimedia formats and protocols cross-platform tools and libraries . A denial of service vulnerability exists in the applydependentcoupling function in libavcodec/aacdec.c ...
UBUNTU-CVE-2017-18242
The applydependentcoupling function in libavcodec/aacdec.c in Libav 12.2 allows remote attackers to cause a denial of service out-of-bounds read via a crafted aac file...
CVE-2016-9561
The checonfigure function in libavcodec/aacdectemplate.c in FFmpeg before 3.2.1 allows remote attackers to cause a denial of service allocation of huge memory, and being killed by the OS via a crafted MOV file...
openSUSE Security Update : ffmpeg (openSUSE-2015-821)
The ffmpeg package was updated to version 2.8.2 to fix the following security and non security issues : - CVE-2015-8216: Fixed the ljpegdecodeyuvscan function in libavcodec/mjpegdec.c which could cause a denial of service out-of-bounds array access bnc955346. - CVE-2015-8217: Fixed the...