CVE-2014-9602

CVE-2014-9602 affects FFmpeg’s libavcodec/xface.h prior to 2.5.2, where certain numeric and word array dimensions do not satisfy a required mathematical relationship. This enables a remote attacker to trigger a denial of service via out-of-bounds access in X-Face image data, with potential unspec...

CVE-2014-9602

libavcodec/xface.h in FFmpeg before 2.5.2 establishes certain digits and words array dimensions that do not satisfy a required mathematical relationship, which allows remote attackers to cause a denial of service out-of-bounds array access or possibly have unspecified other impact via crafted...

CVE-2014-9603

CVE-2014-9603 : In FFmpeg, the vmd_decode path in libavcodec/vmdvideo.c does not validate the relationship between a length field and the frame width, allowing remote attackers to trigger an out-of-bounds access and cause a denial of service via crafted Sierra VMD data. Affected software: FFmpeg ...

CVE-2014-9603

The vmddecode function in libavcodec/vmdvideo.c in FFmpeg before 2.5.2 does not validate the relationship between a certain length value and the frame width, which allows remote attackers to cause a denial of service out-of-bounds array access or possibly have unspecified other impact via crafted...

CVE-2014-9603

The vmddecode function in libavcodec/vmdvideo.c in FFmpeg before 2.5.2 does not validate the relationship between a certain length value and the frame width, which allows remote attackers to cause a denial of service out-of-bounds array access or possibly have unspecified other impact via crafted...

CVE-2014-9604

libavcodec/utvideodec.c in FFmpeg before 2.5.2 does not check for a zero value of a slice height, which allows remote attackers to cause a denial of service out-of-bounds array access or possibly have unspecified other impact via crafted Ut Video data, related to the 1 restoremedian and 2...

CVE-2014-9604

libavcodec/utvideodec.c in FFmpeg before 2.5.2 does not check for a zero value of a slice height, which allows remote attackers to cause a denial of service out-of-bounds array access or possibly have unspecified other impact via crafted Ut Video data, related to the 1 restoremedian and 2...

AIX rsyslog Advisory : rsyslog_advisory.asc

The version of rsyslog installed on the remote AIX host is affected by a remote code execution or denial of service vulnerability : - The installed rsyslog allows remote attackers to cause a denial of service crash, possibly execute arbitrary code, or have other unspecified impacts by crafting a...

Updated ffmpeg packages fix security vulnerabilities

A heap-based buffer overflow in the encodeslice function in libavcodec/proresenckostya.c in FFmpeg before 1.1.14 can cause a crash, allowing a malicious image file to cause a denial of service CVE-2014-5271. libavcodec/iff.c in FFmpeg before 1.1.14 allows an attacker to have an unspecified impact...

CVE-2013-4542

The virtioscsiloadrequest function in hw/scsi/scsi-bus.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a crafted savevm image, which triggers an out-of-bounds array access...

CVE-2013-4542

The virtioscsiloadrequest function in hw/scsi/scsi-bus.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a crafted savevm image, which triggers an out-of-bounds array access...

CVE-2013-4542

The virtioscsiloadrequest function in hw/scsi/scsi-bus.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a crafted savevm image, which triggers an out-of-bounds array access...

CVE-2014-5272

libavcodec/iff.c in FFMpeg before 1.1.14, 1.2.x before 1.2.8, 2.2.x before 2.2.7, and 2.3.x before 2.3.2 allows remote attackers to have unspecified impact via a crafted iff image, which triggers an out-of-bounds array access, related to the rgb8 and rgbn formats...

Out-of-bounds

libavcodec/iff.c in FFMpeg before 1.1.14, 1.2.x before 1.2.8, 2.2.x before 2.2.7, and 2.3.x before 2.3.2 allows remote attackers to have unspecified impact via a crafted iff image, which triggers an out-of-bounds array access, related to the rgb8 and rgbn formats...

CVE-2014-5272

libavcodec/iff.c in FFMpeg before 1.1.14, 1.2.x before 1.2.8, 2.2.x before 2.2.7, and 2.3.x before 2.3.2 allows remote attackers to have unspecified impact via a crafted iff image, which triggers an out-of-bounds array access, related to the rgb8 and rgbn formats...

CVE-2014-5272

CVE-2014-5272 affects FFmpeg’s libavcodec/iff.c where a crafted IF image can trigger an out-of-bounds array access in rgb8/rgbn handling. Affected versions include FFmpeg before 1.1.14, 1.2.x before 1.2.8, 2.2.x before 2.2.7, and 2.3.x before 2.3.2. The provided connected sources corroborate the ...

Out-of-bounds

rsyslog before 7.6.6 and 8.x before 8.4.1 and sysklogd 1.5 and earlier allows remote attackers to cause a denial of service crash, possibly execute arbitrary code, or have other unspecified impact via a crafted priority PRI value that triggers an out-of-bounds array access...

CVE-2014-3634

CVE-2014-3634 and CVE-2014-3683 affect rsyslog (and sysklogd prior to 1.5). A crafted PRI value can trigger out-of-bounds/heap-based access, leading to denial of service and potentially remote code execution. In practice, rsyslog versions affected include 7.x before 7.6.7 and 8.x before 8.4.2 (an...

CVE-2014-3634

rsyslog before 7.6.6 and 8.x before 8.4.1 and sysklogd 1.5 and earlier allows remote attackers to cause a denial of service crash, possibly execute arbitrary code, or have other unspecified impact via a crafted priority PRI value that triggers an out-of-bounds array access...

CVE-2014-7186 and CVE-2014-7187 - Bash Out of Bounds | Cloud Foundry

CVE-2014-7186 and CVE-2014-7187 – Bash Out of Bounds Moderate Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 10.04 LTS and 14.04 LTS that include bash through 4.3 bash43-026 Description Off-by-one error in the readtokenword function in parse.y in GNU Bash through 4.3 bash43-026 allows...