116 matches found
Updated libvorbis packages fix security vulnerabilities
Xiph.Org libvorbis 1.3.5 allows Remote Code Execution upon freeing uninitialized memory in the function vorbisanalysisheaderout in info.c when vi-channels=0, a similar issue to Mozilla bug 550184. CVE-2017-14632 In Xiph.Org libvorbis 1.3.5, an out-of-bounds array read vulnerability exists in the...
openSUSE Security Update : libvorbis (openSUSE-2018-15)
This update for libvorbis fixes the following issues : - CVE-2017-14633: out-of-bounds array read vulnerability exists in function mapping0forward could lead to remote denial of service bsc1059811 - CVE-2017-14632: Remote Code Execution upon freeing uninitialized memory in function...
SUSE SLED12 / SLES12 Security Update : libvorbis (SUSE-SU-2018:0015-1)
This update for libvorbis fixes the following issues : - CVE-2017-14633: out-of-bounds array read vulnerability exists in function mapping0forward could lead to remote denial of service bsc1059811 - CVE-2017-14632: Remote Code Execution upon freeing uninitialized memory in function...
Denial Of Service (DoS)
FFMPEG is vulnerable to denial of service DoS attacks. A malicious user can launch an attack by sending a malicious MPEG file to the gmcmmx function in libavcodec/x86/mpegvideodsp.c. Since it fails to validate the width and height of the input, it leads to integer signedness error and an...
Integer overflow
The gmcmmx function in libavcodec/x86/mpegvideodsp.c in FFmpeg 2.3 and 3.4 does not properly validate widths and heights, which allows remote attackers to cause a denial of service integer signedness error and out-of-array read via a crafted MPEG file...
CVE-2017-17081
The gmcmmx function in libavcodec/x86/mpegvideodsp.c in FFmpeg 2.3 and 3.4 does not properly validate widths and heights, which allows remote attackers to cause a denial of service integer signedness error and out-of-array read via a crafted MPEG file...
CVE-2017-17081
The gmcmmx function in libavcodec/x86/mpegvideodsp.c in FFmpeg 2.3 and 3.4 does not properly validate widths and heights, which allows remote attackers to cause a denial of service integer signedness error and out-of-array read via a crafted MPEG file...
CVE-2017-17081
The gmcmmx function in libavcodec/x86/mpegvideodsp.c in FFmpeg 2.3 and 3.4 does not properly validate widths and heights, which allows remote attackers to cause a denial of service integer signedness error and out-of-array read via a crafted MPEG file...
CVE-2017-17081
CVE-2017-17081 affects FFmpeg’s x86 MPEG video DSP (libavcodec/x86/mpegvideodsp.c) where the gmc_mmx path does not properly validate widths and heights, enabling a crafted MPEG file to trigger a denial of service via an integer signedness error and out-of-bounds read. The vulnerability is present...
CVE-2017-14633
In Xiph.Org libvorbis 1.3.5, an out-of-bounds array read vulnerability exists in the function mapping0forward in mapping0.c, which may lead to DoS when operating on a crafted audio file with vorbisanalysis...
CVE-2017-14633
In Xiph.Org libvorbis 1.3.5, an out-of-bounds array read vulnerability exists in the function mapping0forward in mapping0.c, which may lead to DoS when operating on a crafted audio file with vorbisanalysis...
CVE-2017-14633
CVE-2017-14633 : In Xiph.Org libvorbis 1.3.5, there is an out-of-bounds array read in mapping0_forward() of mapping0.c that may cause a denial of service when processing a crafted audio file with vorbis_analysis(). The issue is fixed upstream in libvorbis 1.3.6. Public advisories across distribut...
CVE-2017-14633
In Xiph.Org libvorbis 1.3.5, an out-of-bounds array read vulnerability exists in the function mapping0forward in mapping0.c, which may lead to DoS when operating on a crafted audio file with vorbisanalysis...
CVE-2017-14633
In Xiph.Org libvorbis 1.3.5, an out-of-bounds array read vulnerability exists in the function mapping0forward in mapping0.c, which may lead to DoS when operating on a crafted audio file with vorbisanalysis...
Denial Of Service (DoS)
FFmpeg is vulnerable to denial of service DoS attacks. A malicious user can pass a malicious JPEG2000 file to the system that can cause an out-of-bounds array read that can crash the system...
Microsoft Internet Explorer AcquireLineBoxBuilderForLayout Null Array Base Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The vulnerability relates to how...
CVE-2016-2328
libswscale/swscaleunscaled.c in FFmpeg before 2.8.6 does not validate certain height values, which allows remote attackers to cause a denial of service out-of-bounds array read access or possibly have unspecified other impact via a crafted .cine file, related to the bayertorgb24wrapper and...
CVE-2016-2328
libswscale/swscaleunscaled.c in FFmpeg before 2.8.6 does not validate certain height values, which allows remote attackers to cause a denial of service out-of-bounds array read access or possibly have unspecified other impact via a crafted .cine file, related to the bayertorgb24wrapper and...
CVE-2016-2328
libswscale/swscaleunscaled.c in FFmpeg before 2.8.6 does not validate certain height values, which allows remote attackers to cause a denial of service out-of-bounds array read access or possibly have unspecified other impact via a crafted .cine file, related to the bayertorgb24wrapper and...
CVE-2016-2328
libswscale/swscaleunscaled.c in FFmpeg before 2.8.6 does not validate certain height values, which allows remote attackers to cause a denial of service out-of-bounds array read access or possibly have unspecified other impact via a crafted .cine file, related to the bayertorgb24wrapper and...