13 matches found
CVE-2016-7555
The avireadheader function in libavformat/avidec.c in FFmpeg before 3.1.4 is vulnerable to memory leak when decoding an AVI file that has a crafted "strh" structure...
Design/Logic Flaw
The avireadseek function in libavformat/avidec.c in FFmpeg before 3.1.4 allows remote attackers to cause a denial of service assert fault via a crafted AVI file...
CVE-2016-7122
The avireadnikon function in libavformat/avidec.c in FFmpeg before 3.1.4 is vulnerable to infinite loop when it decodes an AVI file that has a crafted 'nctg' structure...
CVE-2016-7785
The avireadseek function in libavformat/avidec.c in FFmpeg before 3.1.4 allows remote attackers to cause a denial of service assert fault via a crafted AVI file...
ALPINE-CVE-2016-7905
The readgab2sub function in libavformat/avidec.c in FFmpeg before 3.1.4 allows remote attackers to cause a denial of service NULL pointer used via a crafted AVI file...
Null pointer dereference
The readgab2sub function in libavformat/avidec.c in FFmpeg before 3.1.4 allows remote attackers to cause a denial of service NULL pointer used via a crafted AVI file...
CVE-2016-7122
The CVE-2016-7122 entry concerns FFmpeg. The vulnerability is in the function avi_read_nikon of libavformat/avidec.c, affecting FFmpeg before 3.1.4, and is triggered when decoding an AVI file containing a crafted 'nctg' structure, leading to an infinite loop. Several connected sources (NVD, CNVD,...
CVE-2016-7122
The avireadnikon function in libavformat/avidec.c in FFmpeg before 3.1.4 is vulnerable to infinite loop when it decodes an AVI file that has a crafted 'nctg' structure...
CVE-2016-7122
The avireadnikon function in libavformat/avidec.c in FFmpeg before 3.1.4 is vulnerable to infinite loop when it decodes an AVI file that has a crafted 'nctg' structure...
CVE-2016-7555
The CVE concerns FFmpeg before 3.1.4, specifically the avi_read_header function in libavformat/avidec.c, which leaks memory when decoding an AVI file with a crafted "strh" structure. Affected component: FFmpeg's demux/AVI parser. Root cause: memory leak in avi_read_header when parsing a manipulat...
Design/Logic Flaw
Unspecified vulnerability in the avireadpacket function in libavformat/avidec.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors, related to a large number of vector coded coefficients numveccoeffs...
CVE-2012-2788
CVE-2012-2788 affects FFmpeg (libavformat/avidec.c) and Libav; it is caused by an out-of-bounds read in avi_read_packet when a packet is shrunk. The issue is fixed in FFmpeg >=0.11 and Libav 0.7.7/0.8.4 or later (per connected advisories, e.g., avidec: use actually read size instead of request...
CVE-2012-2789
CVE-2012-2789 affects FFmpeg (before 0.11) and Libav (0.7.x before 0.7.7; 0.8.x before 0.8.4) due to an unspecified vulnerability in avi_read_packet() in libavformat/avidec.c related to a large number of vector coded coefficients (num_vec_coeffs). The advisory provides no explicit impact vector b...