116 matches found
CVE-2016-2328
libswscale/swscaleunscaled.c in FFmpeg before 2.8.6 does not validate certain height values, which allows remote attackers to cause a denial of service out-of-bounds array read access or possibly have unspecified other impact via a crafted .cine file, related to the bayertorgb24wrapper and...
MGASA-2016-0060 Updated ffmpeg packages fix security vulnerabilities
Updated ffmpeg packages fix security vulnerabilities: FFmpeg 2.x allows remote attackers to conduct cross-origin attacks and read arbitrary files by using the concat protocol in an HTTP Live Streaming HLS M3U8 file, leading to an external HTTP request in which the URL string contains the first li...
CVE-2016-2213
The jpeg2000decodetile function in libavcodec/jpeg2000dec.c in FFmpeg before 2.8.6 allows remote attackers to cause a denial of service out-of-bounds array read access via crafted JPEG 2000 data...
Debian DSA-2697-1 : gnutls26 - out-of-bounds array read
It was discovered that a malicious client could crash a GNUTLS server and vice versa, by sending TLS records encrypted with a block cipher which contain invalid padding. The oldstable distribution squeeze is not affected because the security fix that introduced this vulnerability was not applied ...
Debian Security Advisory DSA 2697-1 (gnutls26 - out-of-bounds array read)
It was discovered that a malicious client could crash a GNUTLS server and vice versa, by sending TLS records encrypted with a block cipher which contain invalid padding. The oldstable distribution squeeze is not affected because the security fix that introduced this vulnerability was not applied ...
DSA-2697-1 gnutls26 - out-of-bounds array read
Bulletin has no description...
FreeBSD : mozilla -- multiple vulnerabilities (94976433-9c74-11e2-a9fc-d43d7e0c7c02)
The Mozilla Project reports : MFSA 2013-30 Miscellaneous memory safety hazards rv:20.0 / rv:17.0.5 MFSA 2013-31 Out-of-bounds write in Cairo library MFSA 2013-32 Privilege escalation through Mozilla Maintenance Service MFSA 2013-33 World read and write access to apptmp directory on Android MFSA...
Ubuntu: Security Advisory (USN-1786-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-1786-1: Firefox vulnerabilities
Olli Pettay, Jesse Ruderman, Boris Zbarsky, Christian Holler, Milan Sreckovic, Joe Drew, Andrew McCreight, Randell Jesup, Gary Kwong and Mats Palmgren discovered multiple memory safety issues affecting Firefox. If the user were tricked into opening a specially crafted page, an attacker could...
Debian DSA-2559-1 : libexif - several vulnerabilities
Several vulnerabilities were found in libexif, a library used to parse EXIF meta-data on camera files. - CVE-2012-2812 : A heap-based out-of-bounds array read in the exifentrygetvalue function allows remote attackers to cause a denial of service or possibly obtain potentially sensitive informatio...
CVE-2012-2788
Unspecified vulnerability in the avireadpacket function in libavformat/avidec.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors, related to an "out of array read" when a "packet is shrunk."...
CVE-2012-2788
Unspecified vulnerability in the avireadpacket function in libavformat/avidec.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors, related to an "out of array read" when a "packet is shrunk."...
DEBIAN-CVE-2012-2788
Unspecified vulnerability in the avireadpacket function in libavformat/avidec.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors, related to an "out of array read" when a "packet is shrunk."...
Design/Logic Flaw
Unspecified vulnerability in the avireadpacket function in libavformat/avidec.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors, related to an "out of array read" when a "packet is shrunk."...
CVE-2012-2788
Unspecified vulnerability in the avireadpacket function in libavformat/avidec.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors, related to an "out of array read" when a "packet is shrunk."...
CVE-2012-2788
CVE-2012-2788 affects FFmpeg (libavformat/avidec.c) and Libav; it is caused by an out-of-bounds read in avi_read_packet when a packet is shrunk. The issue is fixed in FFmpeg >=0.11 and Libav 0.7.7/0.8.4 or later (per connected advisories, e.g., avidec: use actually read size instead of request...