7525 matches found
CVE-2009-4632
oggparsevorbis.c in FFmpeg 0.5 does not properly perform certain pointer arithmetic, which might allow remote attackers to obtain sensitive memory contents and cause a denial of service via a crafted file that triggers an out-of-bounds read...
CVE-2009-4636
CVE-2009-4636 is a vulnerability in FFmpeg 0.5 where a crafted file can trigger an infinite loop, allowing a remote attacker to cause a denial of service. The connected advisories (Mandriva MDVSA-2011:112/2011:114, Gentoo GLSA, OpenVAS plugins) confirm FFmpeg 0.5-related issues and state that upd...
CVE-2009-4631
CVE-2009-4631 describes an off-by-one error in the VP3 decoder (vp3.c) of FFmpeg 0.5 leading to an out-of-bounds read and potential memory corruption, enabling a remote attacker to cause a denial of service and possibly execute arbitrary code via a crafted VP3 file. The vulnerability is documente...
CVE-2009-4631
Off-by-one error in the VP3 decoder vp3.c in FFmpeg 0.5 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted VP3 file that triggers an out-of-bounds read and possibly memory corruption...
CVE-2009-4633
vorbisdec.c in FFmpeg 0.5 uses an assignment operator when a comparison operator was intended, which might allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted file that modifies a loop counter and triggers a heap-based buffer overflow...
CVE-2009-4634
Multiple integer underflows in FFmpeg 0.5 allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted file that 1 bypasses a validation check in vorbisdec.c and triggers a wraparound of the stack pointer, or 2 access a pointer from out-of-bounds memory in...
CVE-2009-4638
Integer overflow in FFmpeg 0.5 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via unknown vectors...
CVE-2009-4640
Array index error in vorbisdec.c in FFmpeg 0.5 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted Vorbis file that triggers an out-of-bounds read...
CVE-2009-4633
FFmpeg 0.5 is affected by CVE-2009-4633: vorbis_dec.c contains an assignment operator where a comparison was intended, enabling a crafted file to trigger a heap-based buffer overflow, potentially causing DoS or arbitrary code execution. Mandriva/OpenVAS advisories reference FFmpeg-related fixes i...
CVE-2009-4639
CVE-2009-4639 relates to FFmpeg 0.5 and its AVI demuxer where the av_rescale_rnd function can trigger a divide-by-zero when processing a crafted AVI file, leading to a denial of service (crash). The connected records (Mandriva MDVSA-2011:112, OpenVAS/Nessus entries) confirm FFmpeg 0.5 vulnerabili...
CVE-2009-4632
FFmpeg 0.5 contains CVE-2009-4632 in oggparsevorbis.c where pointer arithmetic flaws can trigger an out-of-bounds read, potentially enabling memory disclosure and a Denial of Service. The issue is documented in Mandriva/Gentoo/OpenVAS advisories referencing FFmpeg, with Remediation: update to pat...
CVE-2009-4635
FFmpeg 0.5 contains CVE-2009-4635, a vulnerability where a crafted MOV container with improperly ordered tags causes mov.c and utils.c to use inconsistent codec types/identifiers, leading to a video-structure pointer being passed to the mp3 decoder and a stack-based buffer overflow. The issue is ...
CVE-2009-4638
CVE-2009-4638 is an FFmpeg 0.5 integer overflow vulnerability that could allow a remote attacker to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors. The connected security records (Debian DSA-2000-1, GLSA 201310-12, and related OpenVAS/NASL entries) confi...
CVE-2009-4635
FFmpeg 0.5 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted MOV container with improperly ordered tags that cause 1 mov.c and 2 utils.c to use inconsistent codec types and identifiers, leading to processing of a video-structure pointer by the...
CVE-2009-4637
FFmpeg 0.5 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via unknown vectors that trigger a stack-based buffer overflow...
CVE-2009-4634
The CVE-2009-4634 issue is a vulnerability in FFmpeg 0.5 involving multiple integer underflows that allow a remote attacker to cause a denial of service and potentially execute arbitrary code via crafted files. Specifically, one vector bypasses a validation in vorbis_dec.c causing a stack pointer...
CVE-2009-4637
FFmpeg 0.5 is affected by CVE-2009-4637. The vulnerability is described as a stack-based buffer overflow that could be triggered by processing certain media inputs, allowing a remote attacker to cause a crash (DoS) and potentially execute arbitrary code. Public disclosures in the connected source...
CVE-2009-4640
FFmpeg 0.5 contains an array index error in vorbis_dec.c (CVE-2009-4640) that can be triggered by a crafted Vorbis file to cause a denial of service and possibly execute arbitrary code via an out-of-bounds read; this is documented across Mandriva advisories and OpenVAS entries, with patched relea...
CVE-2009-4631
Off-by-one error in the VP3 decoder vp3.c in FFmpeg 0.5 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted VP3 file that triggers an out-of-bounds read and possibly memory corruption...
CVE-2009-4634
Multiple integer underflows in FFmpeg 0.5 allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted file that 1 bypasses a validation check in vorbisdec.c and triggers a wraparound of the stack pointer, or 2 access a pointer from out-of-bounds memory in...