14 matches found
EUVD-2018-5252
Malware in sbrugna...
Ffmpeg 'ff_mpeg4_decode_picture_header' Null Pointer Dereference Vulnerability
FFmpeg is a complete solution for recording, converting and streaming audio and video from the FFmpeg team. A security vulnerability exists in the 'ffmpeg4decodepictureheader' function in the libavcodec/mpeg4videodec.c file in FFmpeg version 4.0.1, which is caused by the program failing to check...
Null pointer dereference
In FFmpeg 4.0.1, a missing check for failure of a call to initgetbits8 in the avprivac3parseheader function in libavcodec/ac3parser.c may trigger a NULL pointer dereference while converting a crafted AVI file to MPEG4, leading to a denial of service...
CVE-2018-13304
In libavcodec in FFmpeg 4.0.1, improper maintenance of the consistency between the context profile field and studioprofile in libavcodec may trigger an assertion failure while converting a crafted AVI file to MPEG4, leading to a denial of service, related to errorresilience.c, h263dec.c, and...
Design/Logic Flaw
In libavcodec in FFmpeg 4.0.1, improper maintenance of the consistency between the context profile field and studioprofile in libavcodec may trigger an assertion failure while converting a crafted AVI file to MPEG4, leading to a denial of service, related to errorresilience.c, h263dec.c, and...
CVE-2018-13302
In FFmpeg 4.0.1, improper handling of frame types other than EAC3FRAMETYPEINDEPENDENT that have multiple independent substreams in the handleeac3 function in libavformat/movenc.c may trigger an out-of-array access while converting a crafted AVI file to MPEG4, leading to a denial of service or...
DEBIAN-CVE-2018-13303
In FFmpeg 4.0.1, a missing check for failure of a call to initgetbits8 in the avprivac3parseheader function in libavcodec/ac3parser.c may trigger a NULL pointer dereference while converting a crafted AVI file to MPEG4, leading to a denial of service...
CVE-2018-13301
In FFmpeg 4.0.1, due to a missing check of a profile value before setting it, the ffmpeg4decodepictureheader function in libavcodec/mpeg4videodec.c may trigger a NULL pointer dereference while converting a crafted AVI file to MPEG4, leading to a denial of service...
Information disclosure
In FFmpeg 4.0.1, due to a missing check for negative values of the mquant variable, the vc1putblocksclamped function in libavcodec/vc1block.c may trigger an out-of-array access while converting a crafted AVI file to MPEG4, leading to an information disclosure or a denial of service...
CVE-2018-13302
In FFmpeg 4.0.1, improper handling of frame types other than EAC3FRAMETYPEINDEPENDENT that have multiple independent substreams in the handleeac3 function in libavformat/movenc.c may trigger an out-of-array access while converting a crafted AVI file to MPEG4, leading to a denial of service or...
CVE-2018-13303
In FFmpeg 4.0.1, a missing check for failure of a call to initgetbits8 in the avprivac3parseheader function in libavcodec/ac3parser.c may trigger a NULL pointer dereference while converting a crafted AVI file to MPEG4, leading to a denial of service...
CVE-2018-13305
In FFmpeg 4.0.1, due to a missing check for negative values of the mquant variable, the vc1putblocksclamped function in libavcodec/vc1block.c may trigger an out-of-array access while converting a crafted AVI file to MPEG4, leading to an information disclosure or a denial of service...
CVE-2018-13302
In FFmpeg 4.0.1, improper handling of frame types other than EAC3FRAMETYPEINDEPENDENT that have multiple independent substreams in the handleeac3 function in libavformat/movenc.c may trigger an out-of-array access while converting a crafted AVI file to MPEG4, leading to a denial of service or...
CVE-2018-13302
In FFmpeg 4.0.1, improper handling of frame types other than EAC3FRAMETYPEINDEPENDENT that have multiple independent substreams in the handleeac3 function in libavformat/movenc.c may trigger an out-of-array access while converting a crafted AVI file to MPEG4, leading to a denial of service or...