748 matches found
CVE-2018-1999010
FFmpeg before commit cced03dd667a5df6df8fd40d8de0bff477ee02e8 contains multiple out of array access vulnerabilities in the mms protocol that can result in attackers accessing out of bound data. This attack appear to be exploitable via network connectivity. This vulnerability appears to have been...
CVE-2018-1999014
FFmpeg before commit bab0716c7f4793ec42e05a5aa7e80d82a0dd4e75 contains an out of array access vulnerability in MXF format demuxer that can result in DoS. This attack appear to be exploitable via specially crafted MXF file which has to be provided as input. This vulnerability appears to have been...
CVE-2018-1999010
FFmpeg before commit cced03dd667a5df6df8fd40d8de0bff477ee02e8 contains multiple out of array access vulnerabilities in the mms protocol that can result in attackers accessing out of bound data. This attack appear to be exploitable via network connectivity. This vulnerability appears to have been...
CVE-2018-1999014
FFmpeg before commit bab0716c7f4793ec42e05a5aa7e80d82a0dd4e75 contains an out of array access vulnerability in MXF format demuxer that can result in DoS. This attack appear to be exploitable via specially crafted MXF file which has to be provided as input. This vulnerability appears to have been...
CVE-2018-1999010
CVE-2018-1999010 affects FFmpeg prior to commit cced03dd667a5df6df8fd40d8de0bff477ee02e8, which contains multiple out-of-array access vulnerabilities in the MMS protocol. The flaws can allow an attacker to read out-of-bounds data and appear exploitable via network connectivity. The issue is expli...
CVE-2018-1999010
FFmpeg before commit cced03dd667a5df6df8fd40d8de0bff477ee02e8 contains multiple out of array access vulnerabilities in the mms protocol that can result in attackers accessing out of bound data. This attack appear to be exploitable via network connectivity. This vulnerability appears to have been...
JavaScript Core - Arbitrary Code Execution Exploit
Exploit for multiple platform in category local exploits // Load Int library, thanks saelo! load'util.js'; load'int64.js'; // Helpers to convert from float to in a few random places var conva = new ArrayBuffer8; var convf = new Float64Arrayconva; var convi = new Uint32Arrayconva; var convi8 = new...
Denial Of Service (DoS)
ffmpeg is vulnerable to denial of service DoS attacks. The library does not properly handle frame types that contain multiple independent substreams in them, allowing a malicious user to pass an AVI file to be converted to an MP4 file that can cause an out-of-array access that can crash the...
CVE-2017-18159
In Android releases from CAF using the linux kernel Android for MSM, Firefox OS for MSM, QRD Android before security patch level 2018-06-05, while processing a StrHwPlatform with length smaller than EFICHIPINFOMAXIDLENGTH, an array out of bounds access may occur...
CVE-2018-13302
In FFmpeg 4.0.1, improper handling of frame types other than EAC3FRAMETYPEINDEPENDENT that have multiple independent substreams in the handleeac3 function in libavformat/movenc.c may trigger an out-of-array access while converting a crafted AVI file to MPEG4, leading to a denial of service or...
Information disclosure
In FFmpeg 4.0.1, due to a missing check for negative values of the mquant variable, the vc1putblocksclamped function in libavcodec/vc1block.c may trigger an out-of-array access while converting a crafted AVI file to MPEG4, leading to an information disclosure or a denial of service...
CVE-2018-13305
In FFmpeg 4.0.1, due to a missing check for negative values of the mquant variable, the vc1putblocksclamped function in libavcodec/vc1block.c may trigger an out-of-array access while converting a crafted AVI file to MPEG4, leading to an information disclosure or a denial of service...
CVE-2018-13305
CVE-2018-13305 affects FFmpeg 4.x, where a missing check for negative mquant values in the VC-1 decoding path (vc1_put_blocks_clamped in libavcodec/vc1_block.c) can trigger an out-of-bounds access while converting a crafted AVI to MPEG-4, potentially causing information disclosure or a denial of ...
CVE-2018-13305
In FFmpeg 4.0.1, due to a missing check for negative values of the mquant variable, the vc1putblocksclamped function in libavcodec/vc1block.c may trigger an out-of-array access while converting a crafted AVI file to MPEG4, leading to an information disclosure or a denial of service...
CVE-2018-13302
In FFmpeg 4.0.1, improper handling of frame types other than EAC3FRAMETYPEINDEPENDENT that have multiple independent substreams in the handleeac3 function in libavformat/movenc.c may trigger an out-of-array access while converting a crafted AVI file to MPEG4, leading to a denial of service or...
CVE-2018-13302
In FFmpeg 4.0.1, improper handling of frame types other than EAC3FRAMETYPEINDEPENDENT that have multiple independent substreams in the handleeac3 function in libavformat/movenc.c may trigger an out-of-array access while converting a crafted AVI file to MPEG4, leading to a denial of service or...
CVE-2018-13302
In FFmpeg 4.0.1, improper handling of frame types other than EAC3FRAMETYPEINDEPENDENT that have multiple independent substreams in the handleeac3 function in libavformat/movenc.c may trigger an out-of-array access while converting a crafted AVI file to MPEG4, leading to a denial of service or...
CVE-2018-13302
CVE-2018-13302 affects FFmpeg 4.0.1 in the libavformat/movenc.c handle_eac3 path. A crafted AVI can trigger an out-of-bounds access when handling multiple independent substreams, leading to denial of service (and potentially other impacts as described in the entry). Public advisories note this vu...
CVE-2014-9989
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 600, SD 615/16/SD 415, SD 625, SD 650/52, SD 808, SD 810, and SD 450, ...
Input validation
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 600, SD 615/16/SD 415, SD 625, SD 650/52, SD 808, SD 810, and SD 450, lack of...