6117 matches found
CVE-2019-9718
In FFmpeg 3.2 and 4.1, a denial of service in the subtitle decoder allows attackers to hog the CPU via a crafted video file in Matroska format, because ffhtmlmarkuptoass in libavcodec/htmlsubtitles.c has a complex format argument to sscanf...
CVE-2019-9721
FFmpeg 3.2 and 4.1 are affected by CVE-2019-9721, a denial-of-service in the subtitle decoder caused by a complex sscanf format in libavcodec/htmlsubtitles.c (handle_open_brace). Public OSV entries summarize fixes in FFmpeg 4.2 and related components for multiple CVEs (e.g., CVE-2020-21688, -2169...
CVE-2019-9721
A denial of service in the subtitle decoder in FFmpeg 3.2 and 4.1 allows attackers to hog the CPU via a crafted video file in Matroska format, because handleopenbrace in libavcodec/htmlsubtitles.c has a complex format argument to sscanf...
CVE-2019-9718
In FFmpeg 3.2 and 4.1, a denial of service in the subtitle decoder allows attackers to hog the CPU via a crafted video file in Matroska format, because ffhtmlmarkuptoass in libavcodec/htmlsubtitles.c has a complex format argument to sscanf...
CVE-2019-9718
CVE-2019-9718 is a DoS in FFmpeg’s subtitle decoder, affecting FFmpeg 3.2 and 4.1 via the Matroska subtitle path. The root cause is a complex format string in ff_htmlmarkup_to_ass in libavcodec/htmlsubtitles.c that enables consuming excessive CPU when parsing crafted Matroska subtitles. Public ad...
CVE-2019-9721
A denial of service in the subtitle decoder in FFmpeg 3.2 and 4.1 allows attackers to hog the CPU via a crafted video file in Matroska format, because handleopenbrace in libavcodec/htmlsubtitles.c has a complex format argument to sscanf...
FFmpeg 'ff_htmlmarkup_to_ass' function denial of service vulnerability
FFmpeg is a complete solution for recording, converting and streaming audio and video from the FFmpeg team. A security vulnerability exists in the 'ffhtmlmarkuptoass' function in the libavcodec/htmlsubtitles.c file of the subtitle decoder in FFmpeg version 4.1. A remote attacker can exploit this...
CVE-2019-9721
A denial of service in the subtitle decoder in FFmpeg 3.2 and 4.1 allows attackers to hog the CPU via a crafted video file in Matroska format, because handleopenbrace in libavcodec/htmlsubtitles.c has a complex format argument to sscanf...
CVE-2019-9718
In FFmpeg 3.2 and 4.1, a denial of service in the subtitle decoder allows attackers to hog the CPU via a crafted video file in Matroska format, because ffhtmlmarkuptoass in libavcodec/htmlsubtitles.c has a complex format argument to sscanf...
UBUNTU-CVE-2019-9721
A denial of service in the subtitle decoder in FFmpeg 3.2 and 4.1 allows attackers to hog the CPU via a crafted video file in Matroska format, because handleopenbrace in libavcodec/htmlsubtitles.c has a complex format argument to sscanf...
UltraVNC out-of-bounds access vulnerability (CNVD-2019-10286)
UltraVNC is an open source remote terminal control software for Windows platform.Ultra2 decoder is one of the Ultra2 decoders. A security vulnerability exists in the VNC client for the Ultra2 decoder in UltraVNC version 1203. An attacker can exploit the vulnerability to execute code out-of-bounds...
UltraVNC Ultra Decoder Out-of-Bounds Read Vulnerability
UltraVNC is an open source remote terminal control software for the Windows platform. ultra decoder is one of the Ultra decoders. An out-of-bounds read vulnerability exists in the VNC client code of the Ultra decoder in UltraVNC version 1210. An attacker could exploit this vulnerability to cause ...
Linux/x86 - INSERTION Encoder / Decoder execve(/bin/sh) Shellcode (88 bytes)
/ ''' ; Date: 07/03/2019 ; Insertion-Encoder.asm ; Author: Daniele Votta ; Description: This program encode shellcode with insertion technique 0xAA. ; Tested on: i686 GNU/Linux ''' !/usr/bin/python Python Insertion Encoder import random Execve /bin/sh 25 bytes shellcode...
CVE-2019-8264
UltraVNC revision 1203 has out-of-bounds access vulnerability in VNC client inside Ultra2 decoder, which can potentially result in code execution. This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1204...
CVE-2019-8280
UltraVNC revision 1203 has out-of-bounds access vulnerability in VNC client inside RAW decoder, which can potentially result code execution. This attack appear to be exploitable via network connectivity. This vulnerability has been fixed in revision 1204...
CVE-2019-8264
UltraVNC vulnerability CVE-2019-8264 is a memory-safe/out-of-bounds access issue in the VNC client of the Ultra2 decoder (revision 1203). It could allow remote code execution over the network and has a fix in revision 1204. Affected product: UltraVNC, Ultra2 decoder; the issue is tied to out-of-b...
CVE-2019-8264
UltraVNC revision 1203 has out-of-bounds access vulnerability in VNC client inside Ultra2 decoder, which can potentially result in code execution. This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1204...
CVE-2019-8280
UltraVNC revision 1203 has out-of-bounds access vulnerability in VNC client inside RAW decoder, which can potentially result code execution. This attack appear to be exploitable via network connectivity. This vulnerability has been fixed in revision 1204...
Design/Logic Flaw
UltraVNC revision 1203 has out-of-bounds access vulnerability in VNC client inside Ultra2 decoder, which can potentially result in code execution. This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1204...
CVE-2019-8280
UltraVNC revision 1203 has out-of-bounds access vulnerability in VNC client inside RAW decoder, which can potentially result code execution. This attack appear to be exploitable via network connectivity. This vulnerability has been fixed in revision 1204...