SUSE CVE-2017-18242

The applydependentcoupling function in libavcodec/aacdec.c in Libav 12.2 allows remote attackers to cause a denial of service out-of-bounds read via a crafted aac file...

SUSE CVE-2020-24995

Buffer overflow vulnerability in sniffchannelorder function in aacdectemplate.c in ffmpeg 3.1.2, allows attackers to execute arbitrary code local...

ffmpeg 安全漏洞

FFmpeg is a set of open source computer programs that can be used to record, convert digital audio and video to streams under the LGPL or GPL license. A buffer overflow vulnerability exists in the sniffchannelorder function in aacdectemplate.c in FFmpeg 3.1.2. An attacker can exploit this...

CVE-2017-18242

The CVE-2017-18242 issue affects Libav 12.2, where the apply_dependent_coupling function in libavcodec/aacdec.c is exploitable to cause a denial of service via an out-of-bounds read when processing a crafted AAC file. Red Hat, SUSE, Ubuntu and other feeds confirm the same description; no official...

CVE-2017-13206

An information disclosure vulnerability in the Android media framework aacdec. Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-65025048...

CVE-2017-13206

CVE-2017-13206 is an information-disclosure vulnerability in Android’s media framework (aacdec) affecting Android 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, and 8.1. The issue is documented in multiple sources (NVD entry; Pixel/Nexus security bulletin). The Pixel bulletin lists this CVE under the...

CVE-2016-9561

The checonfigure function in libavcodec/aacdectemplate.c in FFmpeg before 3.2.1 allows remote attackers to cause a denial of service allocation of huge memory, and being killed by the OS via a crafted MOV file...

CVE-2016-3830

codecs/aacdec/SoftAAC2.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 allows remote attackers to cause a denial of service device hang or reboot via crafted ADTS data, aka internal bug 29153599...