Lucene search
K

7525 matches found

Cvelist
Cvelist
added 2010/02/10 2:0 a.m.31 views

CVE-2009-4632

oggparsevorbis.c in FFmpeg 0.5 does not properly perform certain pointer arithmetic, which might allow remote attackers to obtain sensitive memory contents and cause a denial of service via a crafted file that triggers an out-of-bounds read...

8.9AI score0.02168EPSS
Exploits2References15
CVE
CVE
added 2010/02/10 2:0 a.m.68 views

CVE-2009-4636

CVE-2009-4636 is a vulnerability in FFmpeg 0.5 where a crafted file can trigger an infinite loop, allowing a remote attacker to cause a denial of service. The connected advisories (Mandriva MDVSA-2011:112/2011:114, Gentoo GLSA, OpenVAS plugins) confirm FFmpeg 0.5-related issues and state that upd...

4.3CVSS8.7AI score0.03038EPSS
Exploits2References13Affected Software1
CVE
CVE
added 2010/02/10 2:0 a.m.75 views

CVE-2009-4631

CVE-2009-4631 describes an off-by-one error in the VP3 decoder (vp3.c) of FFmpeg 0.5 leading to an out-of-bounds read and potential memory corruption, enabling a remote attacker to cause a denial of service and possibly execute arbitrary code via a crafted VP3 file. The vulnerability is documente...

9.3CVSS9.3AI score0.05096EPSS
Exploits2References7Affected Software1
Cvelist
Cvelist
added 2010/02/10 2:0 a.m.32 views

CVE-2009-4631

Off-by-one error in the VP3 decoder vp3.c in FFmpeg 0.5 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted VP3 file that triggers an out-of-bounds read and possibly memory corruption...

9.5AI score0.05096EPSS
Exploits2References7
Cvelist
Cvelist
added 2010/02/10 2:0 a.m.36 views

CVE-2009-4633

vorbisdec.c in FFmpeg 0.5 uses an assignment operator when a comparison operator was intended, which might allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted file that modifies a loop counter and triggers a heap-based buffer overflow...

9.6AI score0.07947EPSS
Exploits2References15
Cvelist
Cvelist
added 2010/02/10 2:0 a.m.34 views

CVE-2009-4634

Multiple integer underflows in FFmpeg 0.5 allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted file that 1 bypasses a validation check in vorbisdec.c and triggers a wraparound of the stack pointer, or 2 access a pointer from out-of-bounds memory in...

9.5AI score0.0721EPSS
Exploits2References16
Cvelist
Cvelist
added 2010/02/10 2:0 a.m.27 views

CVE-2009-4638

Integer overflow in FFmpeg 0.5 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via unknown vectors...

9.7AI score0.03913EPSS
Exploits2References6
Cvelist
Cvelist
added 2010/02/10 2:0 a.m.30 views

CVE-2009-4640

Array index error in vorbisdec.c in FFmpeg 0.5 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted Vorbis file that triggers an out-of-bounds read...

9.5AI score0.03997EPSS
Exploits2References15
CVE
CVE
added 2010/02/10 2:0 a.m.66 views

CVE-2009-4633

FFmpeg 0.5 is affected by CVE-2009-4633: vorbis_dec.c contains an assignment operator where a comparison was intended, enabling a crafted file to trigger a heap-based buffer overflow, potentially causing DoS or arbitrary code execution. Mandriva/OpenVAS advisories reference FFmpeg-related fixes i...

10CVSS9.4AI score0.07947EPSS
Exploits2References15Affected Software1
CVE
CVE
added 2010/02/10 2:0 a.m.68 views

CVE-2009-4639

CVE-2009-4639 relates to FFmpeg 0.5 and its AVI demuxer where the av_rescale_rnd function can trigger a divide-by-zero when processing a crafted AVI file, leading to a denial of service (crash). The connected records (Mandriva MDVSA-2011:112, OpenVAS/Nessus entries) confirm FFmpeg 0.5 vulnerabili...

4.3CVSS8.7AI score0.03004EPSS
Exploits2References14Affected Software1
CVE
CVE
added 2010/02/10 2:0 a.m.68 views

CVE-2009-4632

FFmpeg 0.5 contains CVE-2009-4632 in oggparsevorbis.c where pointer arithmetic flaws can trigger an out-of-bounds read, potentially enabling memory disclosure and a Denial of Service. The issue is documented in Mandriva/Gentoo/OpenVAS advisories referencing FFmpeg, with Remediation: update to pat...

5.8CVSS8.8AI score0.02168EPSS
Exploits2References15Affected Software1
CVE
CVE
added 2010/02/10 2:0 a.m.84 views

CVE-2009-4635

FFmpeg 0.5 contains CVE-2009-4635, a vulnerability where a crafted MOV container with improperly ordered tags causes mov.c and utils.c to use inconsistent codec types/identifiers, leading to a video-structure pointer being passed to the mp3 decoder and a stack-based buffer overflow. The issue is ...

9.3CVSS9.4AI score0.08087EPSS
Exploits2References16Affected Software1
CVE
CVE
added 2010/02/10 2:0 a.m.68 views

CVE-2009-4638

CVE-2009-4638 is an FFmpeg 0.5 integer overflow vulnerability that could allow a remote attacker to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors. The connected security records (Debian DSA-2000-1, GLSA 201310-12, and related OpenVAS/NASL entries) confi...

4.3CVSS9.6AI score0.03913EPSS
Exploits2References6Affected Software1
Cvelist
Cvelist
added 2010/02/10 2:0 a.m.29 views

CVE-2009-4635

FFmpeg 0.5 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted MOV container with improperly ordered tags that cause 1 mov.c and 2 utils.c to use inconsistent codec types and identifiers, leading to processing of a video-structure pointer by the...

9.6AI score0.08087EPSS
Exploits2References16
Cvelist
Cvelist
added 2010/02/10 2:0 a.m.30 views

CVE-2009-4637

FFmpeg 0.5 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via unknown vectors that trigger a stack-based buffer overflow...

9.6AI score0.17038EPSS
Exploits2References9
CVE
CVE
added 2010/02/10 2:0 a.m.88 views

CVE-2009-4634

The CVE-2009-4634 issue is a vulnerability in FFmpeg 0.5 involving multiple integer underflows that allow a remote attacker to cause a denial of service and potentially execute arbitrary code via crafted files. Specifically, one vector bypasses a validation in vorbis_dec.c causing a stack pointer...

10CVSS9.4AI score0.0721EPSS
Exploits2References16Affected Software1
CVE
CVE
added 2010/02/10 2:0 a.m.79 views

CVE-2009-4637

FFmpeg 0.5 is affected by CVE-2009-4637. The vulnerability is described as a stack-based buffer overflow that could be triggered by processing certain media inputs, allowing a remote attacker to cause a crash (DoS) and potentially execute arbitrary code. Public disclosures in the connected source...

10CVSS9.5AI score0.17038EPSS
Exploits2References9Affected Software1
CVE
CVE
added 2010/02/10 2:0 a.m.67 views

CVE-2009-4640

FFmpeg 0.5 contains an array index error in vorbis_dec.c (CVE-2009-4640) that can be triggered by a crafted Vorbis file to cause a denial of service and possibly execute arbitrary code via an out-of-bounds read; this is documented across Mandriva advisories and OpenVAS entries, with patched relea...

4.3CVSS9.3AI score0.03997EPSS
Exploits2References15Affected Software1
Debian CVE
Debian CVE
added 2010/02/10 2:0 a.m.27 views

CVE-2009-4631

Off-by-one error in the VP3 decoder vp3.c in FFmpeg 0.5 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted VP3 file that triggers an out-of-bounds read and possibly memory corruption...

9.3CVSS9.6AI score0.05096EPSS
Exploits2
Debian CVE
Debian CVE
added 2010/02/10 2:0 a.m.25 views

CVE-2009-4634

Multiple integer underflows in FFmpeg 0.5 allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted file that 1 bypasses a validation check in vorbisdec.c and triggers a wraparound of the stack pointer, or 2 access a pointer from out-of-bounds memory in...

10CVSS9.7AI score0.0721EPSS
Exploits2
Rows per page
Query Builder