CVE-2013-7018

libavcodec/jpeg2000dec.c in FFmpeg before 2.1 does not ensure the use of valid code-block dimension values, which allows remote attackers to cause a denial of service out-of-bounds array access or possibly have unspecified other impact via crafted JPEG2000 data...

CVE-2013-7010

Multiple integer signedness errors in libavcodec/dsputil.c in FFmpeg before 2.1 allow remote attackers to cause a denial of service out-of-bounds array access or possibly have unspecified other impact via crafted data...

CVE-2013-7023

CVE-2013-7023 affects FFmpeg prior to 2.1 in libavcodec/parser.c, specifically ff_combine_frame, where certain memory-allocation errors are not handled correctly. This can enable remote attackers to cause a denial of service via out-of-bounds accesses, or potentially have other unspecified impact...

CVE-2013-7014

CVE-2013-7014: FFmpeg (libavcodec/pngdsp.c, function add_bytes_l2_c) contains a signedness error that can allow remote attackers to trigger an out-of-bounds access via crafted PNG data, leading to denial of service or other unspecified impact. Affected affected version: FFmpeg before 2.1. The iss...

CVE-2013-7009

The rpzadecodestream function in libavcodec/rpza.c in FFmpeg before 2.1 does not properly maintain a pointer to pixel data, which allows remote attackers to cause a denial of service out-of-bounds array access or possibly have unspecified other impact via crafted Apple RPZA data...

CVE-2013-7022

FFmpeg, pre-2.1, is affected by CVE-2013-7022 via g2m_init_buffers in libavcodec/g2meet.c: memory for tiles is not allocated correctly, allowing a remote attacker to trigger a denial of service through an out-of-bounds access in crafted Go2Webinar data. The issue’s impact is described as DoS and ...

CVE-2013-7013

CVE-2013-7013 affects FFmpeg’s g2m_init_buffers in libavcodec/g2meet.c, where an incorrect arithmetic operation order in the Go2Webinar path (pre-2.1) enables out-of-bounds memory access and DoS via crafted data. The vulnerability is documented across multiple advisories (NVD/Nessus/Gentoo GLSA) ...

CVE-2013-7016

The getsiz function in libavcodec/jpeg2000dec.c in FFmpeg before 2.1 does not ensure the expected sample separation, which allows remote attackers to cause a denial of service out-of-bounds array access or possibly have unspecified other impact via crafted JPEG2000 data...

CVE-2013-7020

The readheader function in libavcodec/ffv1dec.c in FFmpeg before 2.1 does not properly enforce certain bit-count and colorspace constraints, which allows remote attackers to cause a denial of service out-of-bounds array access or possibly have unspecified other impact via crafted FFV1 data...

CVE-2013-7009

The rpzadecodestream function in libavcodec/rpza.c in FFmpeg before 2.1 does not properly maintain a pointer to pixel data, which allows remote attackers to cause a denial of service out-of-bounds array access or possibly have unspecified other impact via crafted Apple RPZA data...

CVE-2013-7011

The readheader function in libavcodec/ffv1dec.c in FFmpeg before 2.1 does not prevent changes to global parameters, which allows remote attackers to cause a denial of service out-of-bounds array access or possibly have unspecified other impact via crafted FFV1 data...

CVE-2013-7011

The CVE-2013-7011 issue affects FFmpeg’s read_header in libavcodec/ffv1dec.c, where global parameters can be changed by crafted FFV1 data, enabling a remote attacker to trigger a DoS via out-of-bounds access. Affected: FFmpeg builds prior to 2.1. Root cause: improper validation of global paramete...

CVE-2013-7018

FFmpeg vulnerable component: libavcodec/jpeg2000dec.c in FFmpeg prior to 2.1. The issue allows remote attackers to trigger a denial of service via out-of-bounds array access when processing crafted JPEG2000 data due to invalid code-block dimension values. Impact includes DoS (and possibly other u...

CVE-2013-7016

CVE-2013-7016 affects FFmpeg up to version 2.1, where get_siz in libavcodec/jpeg2000dec.c may fail to enforce expected sample separation when processing JPEG2000 data. This can lead to an out-of-bounds array access and remote denial of service, with potential unspecified impact. The issue arises ...

CVE-2013-7012

Vulnerability (CVE-2013-7012) in FFmpeg affects the get_siz function in libavcodec/jpeg2000dec.c. FFmpeg versions before 2.1 do not prevent use of non-zero image offsets, enabling a remote attacker to cause a denial of service via out-of-bounds array access when processing crafted JPEG2000 data. ...

CVE-2013-7010

Multiple integer signedness errors in libavcodec/dsputil.c in FFmpeg before 2.1 allow remote attackers to cause a denial of service out-of-bounds array access or possibly have unspecified other impact via crafted data...

CVE-2013-7013

The g2minitbuffers function in libavcodec/g2meet.c in FFmpeg before 2.1 uses an incorrect ordering of arithmetic operations, which allows remote attackers to cause a denial of service out-of-bounds array access or possibly have unspecified other impact via crafted Go2Webinar data...

CVE-2013-0859

The adddoublesmetadata function in libavcodec/tiff.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via a negative or zero count value in a TIFF image, which triggers an out-of-bounds array access...

CVE-2013-0844

Off-by-one error in the adpcmdecodeframe function in libavcodec/adpcm.c in FFmpeg before 1.0.4 allows remote attackers to have an unspecified impact via crafted DK4 data, which triggers an out-of-bounds array access...

CVE-2013-0850

The decodesliceheader function in libavcodec/h264.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via crafted H.264 data, which triggers an out-of-bounds array access...