CVE-2014-0349

CVE-2014-0349 involves multiple unspecified vulnerabilities in the J2k-Codec JPEG 2000 decoding library (Windows). A crafted JPEG 2000 file may allow a remote attacker to execute arbitrary code with the privileges of the vulnerable application. Documents consistently describe remote code executio...

J2k-Codec特制JPEG 2000文件处理多个任意代码执行漏洞

CVE ID:CVE-2014-0349 J2k-Codec是一个JPEG 2000解码器。 J2k-Codec处理JPEG 2000图像时存在多个安全漏洞，允许攻击者构建恶意图像文件，诱使用户解析，可使应用程序崩溃或执行任意代码。 0 J2k-Codec 2.2 目前没有详细解决方案： http://j2k-codec.com/...

J2k-Codec contains multiple exploitable vulnerabilities

Overview J2k-Codec contains multiple exploitable vulnerabilities, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description J2k-Codec is a JPEG 2000 decoding library for Windows. J2k-Codec contains multiple exploitable exploitable...

Microsoft Windows Cinepak Codec Remote Code Execution (MS10-055) - Ver2 (CVE-2010-2553)

The Cinepak codec is a media encoder and decoder supported by the Windows Media Player. A remote code execution vulnerability has been reported in the way the Cinepak codec handles supported format files. The vulnerability is due to an error in the Cinepak codec that fails to properly handle...

Microsoft MPEG Layer-3 Audio Decoder Stack Overflow (MS10-026) - Ver2 (CVE-2010-0480)

MPEG Layer-3 audio codecs are the MPEG Layer-3 Audio Codec for Microsoft DirectShow l3codecx.ax and the Fraunhofer IIS MPEG Layer-3 ACM codecs L3codeca.acm and L3codecp.acm. These MPEG Layer-3 audio codecs are provided along with Windows Media files on affected versions of Microsoft Windows. A...

FFmpeg及Libav 'tak_decode_frame()' 函数越界拒绝服务漏洞

BUGTRAQ ID: 66055 CVECAN ID: CVE-2014-2097 FFmpeg是一个免费的可以执行音讯和视讯多种格式的录影、转档、串流功能的软件。 FFmpeg及Libav 2.1.4之前版本libavcodec/takdec.c内的takdecodeframe函数没有正确验证某个bits-per-sample值，这可使远程攻击者通过特制的TAK数据，利用此漏洞造成拒绝服务（越界数组访问）。 0 FFmpeg FFmpeg 2.1.4 厂商补丁： FFmpeg ------ 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载：...

FFmpeg多个远程安全漏洞

BUGTRAQ ID: 65634 FFmpeg是一个免费的可以执行音讯和视讯多种格式的录影、转档、串流功能的软件。 FFmpeg在"ffinitbufferinfo"函数libavcodec/utils.c、 "readvarblockdata"函数libavcodec/alsdec.c、HEVC视频解码器的实现上出现错误，攻击者可利用这些漏洞在受影响应用上下文中执行任意代码。 0 FFmpeg FFmpeg 2.x 厂商补丁： FFmpeg ------ 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载： http://ffmpeg.org/security.html...

Fedora Update for openjpeg FEDORA-2014-0719

Check for the Version of openjpeg OpenVAS Vulnerability Test Fedora Update for openjpeg FEDORA-2014-0719 Authors: System Generated Check Copyright: Copyright C 2014 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

[SECURITY] Fedora 19 Update: openjpeg-1.5.1-8.fc19

OpenJPEG is an open-source JPEG 2000 codec written in C. It has been developed in order to promote the use of JPEG 2000, the new still-image compression standard from the Joint Photographic Experts Group JPEG...

[SECURITY] Fedora 20 Update: openjpeg-1.5.1-8.fc20

OpenJPEG is an open-source JPEG 2000 codec written in C. It has been developed in order to promote the use of JPEG 2000, the new still-image compression standard from the Joint Photographic Experts Group JPEG...

CVE-2013-0856

The lpcprediction function in libavcodec/alac.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via crafted Apple Lossless Audio Codec ALAC data, related to a large nbsamples value...

CVE-2013-0855

Integer overflow in the alacdecodeclose function in libavcodec/alac.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via a large number of samples per frame in Apple Lossless Audio Codec ALAC data, which triggers an out-of-bounds array access...

Design/Logic Flaw

The lpcprediction function in libavcodec/alac.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via crafted Apple Lossless Audio Codec ALAC data, related to a large nbsamples value...

Integer overflow

Integer overflow in the alacdecodeclose function in libavcodec/alac.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via a large number of samples per frame in Apple Lossless Audio Codec ALAC data, which triggers an out-of-bounds array access...

CVE-2013-0855

Integer overflow in the alacdecodeclose function in libavcodec/alac.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via a large number of samples per frame in Apple Lossless Audio Codec ALAC data, which triggers an out-of-bounds array access...

CVE-2013-0856

The vulnerability CVE-2013-0856 affects FFmpeg’s libavcodec ALAC decoding, specifically the lpc_prediction function in alac.c. Before FFmpeg 1.1, crafted ALAC data (related to a large nb_samples) can lead to a remote impact. The issue originates in the ALAC data handling within the lpc_prediction...

CVE-2013-0856

The lpcprediction function in libavcodec/alac.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via crafted Apple Lossless Audio Codec ALAC data, related to a large nbsamples value...

Tandberg MXP Series Video Conferencing Device <= F8.2 Remote DoS Vulnerability

Tandberg MXP Series devices are prone to a remote denial of service DoS vulnerability. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CVE-2013-3127

The Microsoft WMV video codec in wmv9vcm.dll, wmvdmod.dll in Windows Media Format Runtime 9 and 9.5, and wmvdecod.dll in Windows Media Format Runtime 11 and Windows Media Player 11 and 12 allows remote attackers to execute arbitrary code via a crafted media file, aka "WMV Video Decoder Remote Cod...

Remote code execution

The Microsoft WMV video codec in wmv9vcm.dll, wmvdmod.dll in Windows Media Format Runtime 9 and 9.5, and wmvdecod.dll in Windows Media Format Runtime 11 and Windows Media Player 11 and 12 allows remote attackers to execute arbitrary code via a crafted media file, aka "WMV Video Decoder Remote Cod...