62 matches found
ffmpeg: Index-out-of-bounds in decompress_i
Detailed report: https://oss-fuzz.com/testcase?key=6625214647500800 Project: ffmpeg Fuzzer: libFuzzerffmpegAVCODECIDSCPRfuzzer Fuzz target binary: ffmpegAVCODECIDSCPRfuzzer Job Type: libfuzzerubsanffmpeg Platform Id: linux Crash Type: Index-out-of-bounds Crash Address: Crash State: decompressi...
ffmpeg: Index-out-of-bounds in decode_unit
Project: https://git.ffmpeg.org/ffmpeg.git Detailed report: https://oss-fuzz.com/testcase?key=5286680976162816 Project: ffmpeg Fuzzer: libFuzzerffmpegAVCODECIDSCPRfuzzer Fuzz target binary: ffmpegAVCODECIDSCPRfuzzer Job Type: libfuzzerubsanffmpeg Platform Id: linux Crash Type: Index-out-of-bounds...
ffmpeg: Heap-buffer-overflow in decode_frame
Project: https://git.ffmpeg.org/ffmpeg.git Detailed report: https://oss-fuzz.com/testcase?key=5011336327069696 Project: ffmpeg Fuzzer: aflffmpegAVCODECIDFMVCfuzzer Fuzz target binary: ffmpegAVCODECIDFMVCfuzzer Job Type: aflasanffmpeg Platform Id: linux Crash Type: Heap-buffer-overflow READ 4 Cras...
Out-of-Bounds Write
FFmpeg is vulnerable to an out-of-bounds write. A malicious user can use this to cause a system crash or to overwrite variables currently in the buffer. This can be done through the decodeframe function in libavcodec/pictordec.c...
CVE-2017-7862
FFmpeg before 2017-02-07 has an out-of-bounds write caused by a heap-based buffer overflow related to the decodeframe function in libavcodec/pictordec.c...
CVE-2017-7862
FFmpeg before 2017-02-07 has an out-of-bounds write caused by a heap-based buffer overflow related to the decodeframe function in libavcodec/pictordec.c...
ffmpeg: Heap-buffer-overflow in decode_frame
Project: https://git.ffmpeg.org/ffmpeg.git Detailed report: https://clusterfuzz-external.appspot.com/testcase?key=6424225917173760 Project: ffmpeg Fuzzer: ffmpegVIDEOAVCODECIDPICTORfuzzer Job Type: libfuzzerasanffmpeg Crash Type: Heap-buffer-overflow WRITE Crash Address: 0x7f77cbd4ca6f Crash Stat...
CVE-2013-0851
The decodeframe function in libavcodec/eamad.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via crafted Electronic Arts Madcow video data, which triggers an out-of-bounds array access...
CVE-2013-0851
The decodeframe function in libavcodec/eamad.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via crafted Electronic Arts Madcow video data, which triggers an out-of-bounds array access...
Out-of-bounds
The decodeframe function in libavcodec/eamad.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via crafted Electronic Arts Madcow video data, which triggers an out-of-bounds array access...
CVE-2013-0851
The decodeframe function in libavcodec/eamad.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via crafted Electronic Arts Madcow video data, which triggers an out-of-bounds array access...
CVE-2013-0851
The decodeframe function in libavcodec/eamad.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via crafted Electronic Arts Madcow video data, which triggers an out-of-bounds array access...
CVE-2012-2779
Unspecified vulnerability in the decodeframe function in libavcodec/indeo5.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors, related to an invalid "gop header" and decoding in a "half initialized context."...
CVE-2012-2779
Unspecified vulnerability in the decodeframe function in libavcodec/indeo5.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors, related to an invalid "gop header" and decoding in a "half initialized context."...
CVE-2012-2787
Unspecified vulnerability in the decodeframe function in libavcodec/indeo4.c in FFmpeg before 0.11 and Libav 0.8.x before 0.8.4 has unknown impact and attack vectors, related to the "setup width/height."...
CVE-2012-2779
Unspecified vulnerability in the decodeframe function in libavcodec/indeo5.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors, related to an invalid "gop header" and decoding in a "half initialized context."...
CVE-2012-2787
Unspecified vulnerability in the decodeframe function in libavcodec/indeo4.c in FFmpeg before 0.11 and Libav 0.8.x before 0.8.4 has unknown impact and attack vectors, related to the "setup width/height."...
CVE-2012-2787
CVE-2012-2787 affects FFmpeg/libav indeo4 decoder. The vulnerability is tied to the decode_frame path in indeo4.c and width/height handling during size changes, with the impact and vectors not fully quantified in the primary entry. Mandriva’s advisory MDVSA-2013:079 confirms CVE-2012-2787 and sta...
CVE-2012-2779
CVE-2012-2779 affects FFmpeg/Libav indeo5 decoding: the issue is in indeo5decode path where decoding could run with a half-initialized context if the GOP header is invalid, leading to potential memory/logic errors. Affected: FFmpeg up to 0.11 and Libav up to 0.8.x prior to their fixes; the docume...
CVE-2012-2779
Unspecified vulnerability in the decodeframe function in libavcodec/indeo5.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors, related to an invalid "gop header" and decoding in a "half initialized context."...