7 matches found
Debian: Security Advisory (DLA-1142-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DSA-4012-1 : libav - security update
Several security issues have been corrected in multiple demuxers and decoders of the libav multimedia library. A full list of the changes is available at https://git.libav.org/?p=libav.git;a=blob;f=Changelog;hb=refs/tags/v11 .11 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive...
[SECURITY] [DSA 4012-1] libav security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4012-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff October 31, 2017 https://www.debian.org/security/faq -...
openSUSE Security Update : ffmpeg (openSUSE-2015-963)
This update to ffmpeg 2.8.3 fixes the following security issues : - CVE-2015-8363: Check for duplicate SIZ marker / asanheap-oob boo957114 - CVE-2015-8364: Check image dimensions / integer overflow boo957115 - CVE-2015-8365: out of array access / asanheap-oob boo957116 %NASLMINLEVEL 70300 C Tenab...
CVE-2015-8365
CVE-2015-8365 affects FFmpeg libavcodec/smacker.c. The vulnerability arises when the data size is not checked against the number of channels, allowing an out-of-bounds access that can cause a remote denial of service (and possible other impact) via crafted Smacker data. Affected FFmpeg versions: ...
CVE-2015-8365
The smkadecodeframe function in libavcodec/smacker.c in FFmpeg before 2.6.5, 2.7.x before 2.7.3, and 2.8.x through 2.8.2 does not verify that the data size is consistent with the number of channels, which allows remote attackers to cause a denial of service out-of-bounds array access or possibly...
CVE-2015-8365
The smkadecodeframe function in libavcodec/smacker.c in FFmpeg before 2.6.5, 2.7.x before 2.7.3, and 2.8.x through 2.8.2 does not verify that the data size is consistent with the number of channels, which allows remote attackers to cause a denial of service out-of-bounds array access or possibly...