748 matches found
CVE-2014-2097
The takdecodeframe function in libavcodec/takdec.c in FFmpeg before 2.1.4 does not properly validate a certain bits-per-sample value, which allows remote attackers to cause a denial of service out-of-bounds array access or possibly have unspecified other impact via crafted TAK aka Tom's lossless...
Out-of-bounds
The takdecodeframe function in libavcodec/takdec.c in FFmpeg before 2.1.4 does not properly validate a certain bits-per-sample value, which allows remote attackers to cause a denial of service out-of-bounds array access or possibly have unspecified other impact via crafted TAK aka Tom's lossless...
CVE-2014-2097
The takdecodeframe function in libavcodec/takdec.c in FFmpeg before 2.1.4 does not properly validate a certain bits-per-sample value, which allows remote attackers to cause a denial of service out-of-bounds array access or possibly have unspecified other impact via crafted TAK aka Tom's lossless...
Out-of-bounds
The msrledecodeframe function in libavcodec/msrle.c in FFmpeg before 2.1.4 does not properly calculate line sizes, which allows remote attackers to cause a denial of service out-of-bounds array access or possibly have unspecified other impact via crafted Microsoft RLE video data...
CVE-2014-2099
The msrledecodeframe function in libavcodec/msrle.c in FFmpeg before 2.1.4 does not properly calculate line sizes, which allows remote attackers to cause a denial of service out-of-bounds array access or possibly have unspecified other impact via crafted Microsoft RLE video data...
CVE-2014-2097
The takdecodeframe function in libavcodec/takdec.c in FFmpeg before 2.1.4 does not properly validate a certain bits-per-sample value, which allows remote attackers to cause a denial of service out-of-bounds array access or possibly have unspecified other impact via crafted TAK aka Tom's lossless...
CVE-2014-2097
The takdecodeframe function in libavcodec/takdec.c in FFmpeg before 2.1.4 does not properly validate a certain bits-per-sample value, which allows remote attackers to cause a denial of service out-of-bounds array access or possibly have unspecified other impact via crafted TAK aka Tom's lossless...
CVE-2014-2099
The msrledecodeframe function in libavcodec/msrle.c in FFmpeg before 2.1.4 does not properly calculate line sizes, which allows remote attackers to cause a denial of service out-of-bounds array access or possibly have unspecified other impact via crafted Microsoft RLE video data...
CVE-2014-2099
The msrledecodeframe function in libavcodec/msrle.c in FFmpeg before 2.1.4 does not properly calculate line sizes, which allows remote attackers to cause a denial of service out-of-bounds array access or possibly have unspecified other impact via crafted Microsoft RLE video data...
CVE-2014-0044
The opuspacketgetsamplesperframe function in client in Mumble 1.2.4 and the 1.2.3 pre-release snapshots allows remote attackers to cause a denial of service crash via a crafted length prefix value, which triggers a NULL pointer dereference or a heap-based buffer over-read aka "out-of-bounds array...
CVE-2014-0044
The CVE-2014-0044 issue affects Mumble 1.2.4 and earlier 1.2.3 pre-release snapshots where a crafted length prefix in an opus packet can trigger a NULL pointer dereference or a heap-based buffer over-read, enabling a denial of service. Connected advisories confirm the root cause lies in opus_pack...
CVE-2014-0044
The opuspacketgetsamplesperframe function in client in Mumble 1.2.4 and the 1.2.3 pre-release snapshots allows remote attackers to cause a denial of service crash via a crafted length prefix value, which triggers a NULL pointer dereference or a heap-based buffer over-read aka "out-of-bounds array...
CVE-2014-0044
The opuspacketgetsamplesperframe function in client in Mumble 1.2.4 and the 1.2.3 pre-release snapshots allows remote attackers to cause a denial of service crash via a crafted length prefix value, which triggers a NULL pointer dereference or a heap-based buffer over-read aka "out-of-bounds array...
Debian DSA-2854-1 : mumble - several vulnerabilities
Several issues have been discovered in mumble, a low latency VoIP client. The Common Vulnerabilities and Exposures project identifies the following issues : - CVE-2014-0044 It was discovered that a malformed Opus voice packet sent to a Mumble client could trigger a NULL pointer dereference or an...
Integer overflow
Multiple integer overflows in the binary-search implementation in SpiderMonkey in Mozilla Firefox before 26.0 and SeaMonkey before 2.23 might allow remote attackers to cause a denial of service out-of-bounds array access or possibly have unspecified other impact via crafted JavaScript code...
Potential overflow in JavaScript binary search algorithms — Mozilla
Compiler Engineer Dan Gohman of Google reported that binary search algorithms in the SpiderMonkey JavaScript engine were prone to overflow in several places, leading to potential out-of-bounds array access. While none of these are known to be directly exploitable, they are unsafe in theory and ha...
CVE-2013-7022
The g2minitbuffers function in libavcodec/g2meet.c in FFmpeg before 2.1 does not properly allocate memory for tiles, which allows remote attackers to cause a denial of service out-of-bounds array access or possibly have unspecified other impact via crafted Go2Webinar data...
CVE-2013-7023
The ffcombineframe function in libavcodec/parser.c in FFmpeg before 2.1 does not properly handle certain memory-allocation errors, which allows remote attackers to cause a denial of service out-of-bounds array access or possibly have unspecified other impact via crafted data...
CVE-2013-7024
The jpeg2000decodetile function in libavcodec/jpeg2000dec.c in FFmpeg before 2.1 does not consider the component number in certain calculations, which allows remote attackers to cause a denial of service out-of-bounds array access or possibly have unspecified other impact via crafted JPEG2000 dat...
CVE-2013-7010
Multiple integer signedness errors in libavcodec/dsputil.c in FFmpeg before 2.1 allow remote attackers to cause a denial of service out-of-bounds array access or possibly have unspecified other impact via crafted data...