EUVD-2013-0871

Malware in sbrugna...

The vulnerability of the error_resilience.c, h263dec.c, and mpeg4videodec.c components of the FFmpeg multimedia library, related to the insufficient use of the assert() function, allows a malicious actor to cause a system failure.

The vulnerability of the errorresilience.c, h263dec.c, and mpeg4videodec.c components of the FFmpeg multimedia library is related to the insufficient use of the assert function. Exploiting this vulnerability could allow a malicious actor to cause a service failure by using a specially created AVI...

CVE-2018-13304

In libavcodec in FFmpeg 4.0.1, improper maintenance of the consistency between the context profile field and studioprofile in libavcodec may trigger an assertion failure while converting a crafted AVI file to MPEG4, leading to a denial of service, related to errorresilience.c, h263dec.c, and...

Null pointer dereference

The fferframeend function in libavcodec/errorresilience.c in FFmpeg before 1.0.4 and 1.1.x before 1.1.1 does not properly verify that a frame is fully initialized, which allows remote attackers to trigger a NULL pointer dereference via crafted picture data...