Heap-based buffer overflow in the decodeBlock in MSADPCM.cpp in Audio File Library (aka audiofile) 0.3.6, 0.3.5, 0.3.4, 0.3.3, 0.3.2, 0.3.1, 0.3.0, 0.2.7 allows remote attackers to cause a denial of service (crash) via a crafted file.

...

The vulnerability in the `QuickTimeVideo::decodeBlock` function of the `quicktimevideo.cpp` file in the library and command-line utilities for managing image metadata from Exiv2 allows a hacker to execute arbitrary code.

The vulnerability in the QuickTimeVideo::decodeBlock function of the quicktimevideo.cpp file in the library and command-line utilities for managing image metadata with Exiv2 is related to the execution of operations outside of the buffer in memory. Exploiting this vulnerability could allow a remo...

Heap-based Buffer Overflow

libexiv2.so is vulnerable to heap-based buffer overflows. The vulnerability exists in the decodeBlock function of quicktimevideo.cpp due to improper handling of buffer size which allows an attacker to cause overflows resulting in an application crash...

CVE-2022-3757

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none...

PT-2022-5398 · Exiv2 +1 · Exiv2 +1

Name of the Vulnerable Software and Affected Versions: Exiv2 affected versions not specified Description: The issue is related to the function QuickTimeVideo::decodeBlock of the file quicktimevideo.cpp in the QuickTime Video Handler component of the Exiv2 library and command-line utility for...

PT-2022-5400 · Exiv2 +1 · Exiv2 +1

Name of the Vulnerable Software and Affected Versions: Exiv2 affected versions not specified Description: The issue is related to a buffer overflow in the QuickTimeVideo::decodeBlock function of the quicktimevideo.cpp file in the Exiv2 library, which can be exploited by a remote attacker to execu...

VideoLAN VLC media player out-of-bounds read vulnerability

VideoLAN VLC media player is a free, open source cross-platform multimedia player also a multimedia framework organized by VideoLAN France. The product supports the playback of a variety of media files, CD-ROMs, etc., a variety of audio and video formats WMV, MP3, etc. and so on. An out-of-bounds...

CVE-2019-19721

An off-by-one error in the DecodeBlock function in codec/sdlimage.c in VideoLAN VLC media player before 3.0.9 allows remote attackers to cause a denial of service memory corruption via a crafted image file. NOTE: this may be related to the SDLImage product...

CVE-2019-19721

An off-by-one error in the DecodeBlock function in codec/sdlimage.c in VideoLAN VLC media player before 3.0.9 allows remote attackers to cause a denial of service memory corruption via a crafted image file. NOTE: this may be related to the SDLImage product...

Memory corruption

An off-by-one error in the DecodeBlock function in codec/sdlimage.c in VideoLAN VLC media player before 3.0.9 allows remote attackers to cause a denial of service memory corruption via a crafted image file. NOTE: this may be related to the SDLImage product...

CVE-2019-19721

VLC media player

VLC: Buffer overflow

Background VLC is a cross-platform media player and streaming server. Description A buffer overflow in DecodeBlock in sdlimage.c was discovered. Impact A remote user could craft a specifically crafted image file that could execute arbitrary code or cause denial of service. Workaround The user...

PT-2020-2142 · Videolan +4 · Vlc Media Player +4

Name of the Vulnerable Software and Affected Versions: VideoLAN VLC media player versions prior to 3.0.9 Description: The issue is related to an off-by-one error in the DecodeBlock function in codec/sdl image.c, which allows remote attackers to cause a denial of service memory corruption via a...

AZL-7175 CVE-2017-6832 affecting package audiofile 0.3.6-27

Heap-based buffer overflow in the decodeBlock in MSADPCM.cpp in Audio File Library aka audiofile 0.3.6, 0.3.5, 0.3.4, 0.3.3, 0.3.2, 0.3.1, 0.3.0, 0.2.7 allows remote attackers to cause a denial of service crash via a crafted file...

CVE-2017-6832

Heap-based buffer overflow in the decodeBlock in MSADPCM.cpp in Audio File Library aka audiofile 0.3.6, 0.3.5, 0.3.4, 0.3.3, 0.3.2, 0.3.1, 0.3.0, 0.2.7 allows remote attackers to cause a denial of service crash via a crafted file...

AZL-36924 CVE-2017-6832 affecting package audiofile 0.3.6-27

Heap-based buffer overflow in the decodeBlock in MSADPCM.cpp in Audio File Library aka audiofile 0.3.6, 0.3.5, 0.3.4, 0.3.3, 0.3.2, 0.3.1, 0.3.0, 0.2.7 allows remote attackers to cause a denial of service crash via a crafted file...

PT-2017-17359 · Unknown +2 · Audio File Library +2

Name of the Vulnerable Software and Affected Versions: Audio File Library versions 0.2.7 through 0.3.6 Description: The issue is a heap-based buffer overflow in the decodeBlock function in MSADPCM.cpp. This allows remote attackers to cause a denial of service crash via a crafted file...

UBUNTU-CVE-2017-6832

Heap-based buffer overflow in the decodeBlock in MSADPCM.cpp in Audio File Library aka audiofile 0.3.6, 0.3.5, 0.3.4, 0.3.3, 0.3.2, 0.3.1, 0.3.0, 0.2.7 allows remote attackers to cause a denial of service crash via a crafted file...

CVE-2022-3718

Removed by vendor...