CVE-2017-9992

Heap-based buffer overflow in the decodedds1 function in libavcodec/dfa.c in FFmpeg before 2.8.12, 3.0.x before 3.0.8, 3.1.x before 3.1.8, 3.2.x before 3.2.5, and 3.3.x before 3.3.1 allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact vi...

Design/Logic Flaw

Unspecified vulnerability in the decodedds1 function in libavcodec/dfa.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors, related to an "out of array write."...

CVE-2012-2786

CVE-2012-2786 is a Libav/FFmpeg vulnerability in the decode_wdlt path (libavcodec/dfa.c) that causes an out-of-bounds write when width/height are not correctly handled. Affected products and versions from connected sources include FFmpeg prior to 0.11 and Libav prior to 0.7.7 (0.7.x) and 0.8.4 (0...

CVE-2012-2798

CVE-2012-2798 concerns an out-of-bounds write in FFmpeg/libavcodec/dfa.c (decode_dds1) that affects FFmpeg up to 0.11 and Libav up to 0.7.x before 0.7.7 and 0.8.x before 0.8.4. Connected sources corroborate a boundary-check issue in decode_dds1, with multiple vendor advisories noting fixes in the...