748 matches found
Out-of-bounds
The smkadecodeframe function in libavcodec/smacker.c in FFmpeg before 2.6.5, 2.7.x before 2.7.3, and 2.8.x through 2.8.2 does not verify that the data size is consistent with the number of channels, which allows remote attackers to cause a denial of service out-of-bounds array access or possibly...
CVE-2015-8365
CVE-2015-8365 affects FFmpeg libavcodec/smacker.c. The vulnerability arises when the data size is not checked against the number of channels, allowing an out-of-bounds access that can cause a remote denial of service (and possible other impact) via crafted Smacker data. Affected FFmpeg versions: ...
CVE-2015-8365
The smkadecodeframe function in libavcodec/smacker.c in FFmpeg before 2.6.5, 2.7.x before 2.7.3, and 2.8.x through 2.8.2 does not verify that the data size is consistent with the number of channels, which allows remote attackers to cause a denial of service out-of-bounds array access or possibly...
CVE-2015-8365
The smkadecodeframe function in libavcodec/smacker.c in FFmpeg before 2.6.5, 2.7.x before 2.7.3, and 2.8.x through 2.8.2 does not verify that the data size is consistent with the number of channels, which allows remote attackers to cause a denial of service out-of-bounds array access or possibly...
CVE-2015-8365
The smkadecodeframe function in libavcodec/smacker.c in FFmpeg before 2.6.5, 2.7.x before 2.7.3, and 2.8.x through 2.8.2 does not verify that the data size is consistent with the number of channels, which allows remote attackers to cause a denial of service out-of-bounds array access or possibly...
CVE-2015-8218
The decodeuncompressed function in libavcodec/faxcompr.c in FFmpeg before 2.8.2 does not validate uncompressed runs, which allows remote attackers to cause a denial of service out-of-bounds array access or possibly have unspecified other impact via crafted CCITT FAX data...
CVE-2015-8217
The ffhevcparsesps function in libavcodec/hevcps.c in FFmpeg before 2.8.2 does not validate the Chroma Format Indicator, which allows remote attackers to cause a denial of service out-of-bounds array access or possibly have unspecified other impact via crafted High Efficiency Video Coding HEVC da...
Out-of-bounds
The ffhevcparsesps function in libavcodec/hevcps.c in FFmpeg before 2.8.2 does not validate the Chroma Format Indicator, which allows remote attackers to cause a denial of service out-of-bounds array access or possibly have unspecified other impact via crafted High Efficiency Video Coding HEVC da...
Out-of-bounds
The ljpegdecodeyuvscan function in libavcodec/mjpegdec.c in FFmpeg before 2.8.2 omits certain width and height checks, which allows remote attackers to cause a denial of service out-of-bounds array access or possibly have unspecified other impact via crafted MJPEG data...
CVE-2015-8219
The inittile function in libavcodec/jpeg2000dec.c in FFmpeg before 2.8.2 does not enforce minimum-value and maximum-value constraints on tile coordinates, which allows remote attackers to cause a denial of service out-of-bounds array access or possibly have unspecified other impact via crafted JP...
Out-of-bounds
The inittile function in libavcodec/jpeg2000dec.c in FFmpeg before 2.8.2 does not enforce minimum-value and maximum-value constraints on tile coordinates, which allows remote attackers to cause a denial of service out-of-bounds array access or possibly have unspecified other impact via crafted JP...
CVE-2015-8216
The ljpegdecodeyuvscan function in libavcodec/mjpegdec.c in FFmpeg before 2.8.2 omits certain width and height checks, which allows remote attackers to cause a denial of service out-of-bounds array access or possibly have unspecified other impact via crafted MJPEG data...
CVE-2015-8218
The CVE-2015-8218 issue affects FFmpeg’s libavcodec/faxcompr.c: the decode_uncompressed function does not validate uncompressed runs, enabling a remote attacker to trigger a denial of service via crafted CCITT FAX data (out-of-bounds access). Affected product/version: FFmpeg up to 2.8.1 (prior to...
CVE-2015-8216
CVE-2015-8216 affects FFmpeg’s libavcodec/mjpegdec.c (ljpeg_decode_yuv_scan). The issue omits width/height checks, allowing remote attackers to cause a denial of service via crafted MJPEG data (out-of-bounds access). Upstream FFmpeg fixed this in version 2.8.2; multiple advisories (openSUSE, Debi...
CVE-2015-8217
The CVE-2015-8217 vulnerability in FFmpeg (libavcodec/hevc_ps.c) arose from not validating the Chroma Format Indicator, allowing a crafted HEVC stream to trigger an out-of-bounds array access and potential DoS. Connected advisories confirm FFmpeg up to version 2.8.2 fixed this issue by adding a c...
CVE-2015-8218
The decodeuncompressed function in libavcodec/faxcompr.c in FFmpeg before 2.8.2 does not validate uncompressed runs, which allows remote attackers to cause a denial of service out-of-bounds array access or possibly have unspecified other impact via crafted CCITT FAX data...
CVE-2015-8217
The ffhevcparsesps function in libavcodec/hevcps.c in FFmpeg before 2.8.2 does not validate the Chroma Format Indicator, which allows remote attackers to cause a denial of service out-of-bounds array access or possibly have unspecified other impact via crafted High Efficiency Video Coding HEVC da...
CVE-2009-3288
The sgbuildindirect function in drivers/scsi/sg.c in Linux kernel 2.6.28-rc1 through 2.6.31-rc8 uses an incorrect variable when accessing an array, which allows local users to cause a denial of service kernel OOPS and NULL pointer dereference, as demonstrated by using xcdroast to duplicate a CD...
FreeBSD : ffmpeg -- multiple vulnerabilities (3d950687-b4c9-4a86-8478-c56743547af8)
NVD reports : The decodeihdrchunk function in libavcodec/pngdec.c in FFmpeg before 2.7.2 does not enforce uniqueness of the IHDR aka image header chunk in a PNG image, which allows remote attackers to cause a denial of service out-of-bounds array access or possibly have unspecified other impact v...
CVE-2015-6819
Multiple integer underflows in the ffmjpegdecodeframe function in libavcodec/mjpegdec.c in FFmpeg before 2.7.2 allow remote attackers to cause a denial of service out-of-bounds array access or possibly have unspecified other impact via crafted MJPEG data...