UBUNTU-CVE-2016-2330

libavcodec/gif.c in FFmpeg before 2.8.6 does not properly calculate a buffer size, which allows remote attackers to cause a denial of service out-of-bounds array access or possibly have unspecified other impact via a crafted .tga file, related to the gifimagewriteimage, gifencodeinit, and...

FFmpeg 'jpeg2000_decode_tile' Function Denial of Service Vulnerability

FFmpeg is a complete solution for recording, converting and streaming audio and video from the FFmpeg team. A security vulnerability in the 'jpeg2000decodetile' function in FFmpeg's libavcodec/jpeg2000dec.c file allows remote attackers to exploit specially crafted JPEG 2000 data to crash an...

DEBIAN-CVE-2016-2213

The jpeg2000decodetile function in libavcodec/jpeg2000dec.c in FFmpeg before 2.8.6 allows remote attackers to cause a denial of service out-of-bounds array read access via crafted JPEG 2000 data...

UBUNTU-CVE-2016-2213

The jpeg2000decodetile function in libavcodec/jpeg2000dec.c in FFmpeg before 2.8.6 allows remote attackers to cause a denial of service out-of-bounds array read access via crafted JPEG 2000 data...

CVE-2016-2213

FFmpeg vulnerability CVE-2016-2213 affects jpeg2000_decode_tile in libavcodec/jpeg2000dec.c, with FFmpeg versions prior to 2.8.6 vulnerable to out-of-bounds array reads via crafted JPEG 2000 data, enabling remote denial of service. Connected advisories (Gentoo GLSA-201606-09, Mageia MGASA-2016-00...

CVE-2016-2213

The jpeg2000decodetile function in libavcodec/jpeg2000dec.c in FFmpeg before 2.8.6 allows remote attackers to cause a denial of service out-of-bounds array read access via crafted JPEG 2000 data...

Out-of-bounds

The h264sliceheaderinit function in libavcodec/h264slice.c in FFmpeg before 2.8.3 does not validate the relationship between the number of threads and the number of slices, which allows remote attackers to cause a denial of service out-of-bounds array access or possibly have unspecified other...

CVE-2015-8662

FFmpeg vulnerability CVE-2015-8662 affects the libavcodec/jpeg2000dwt.c module, where ff_dwt_decode does not validate the number of decomposition levels before performing Discrete Wavelet Transform decoding. For crafted JPEG 2000 data, this can trigger an out-of-bounds array access and a denial o...

CVE-2015-8663

CVE-2015-8663 affects FFmpeg prior to 2.8.4, where the function ff_get_buffer in libavcodec/utils.c preserves width/height after a failure. This can enable a remote attacker to trigger a denial of service via an out-of-bounds array access when processing a crafted .mov file. The issue is mitigate...

FFmpeg 'h264_slice_header_init' function denial of service vulnerability

FFmpeg is a complete solution for recording, converting and streaming audio and video from the FFmpeg team. A security vulnerability exists in the 'h264sliceheaderinit' function in the libavcodec/h264slice.c file in versions of FFmpeg prior to 2.8.3, which stems from the program not verifying the...

FFmpeg 'ff_dwt_decode' Function Denial of Service Vulnerability

FFmpeg is a complete solution for recording, converting and streaming audio and video from the FFmpeg team. A security vulnerability exists in the 'ffdwtdecode' function in the libavcodec/jpeg2000dwt.c file in versions of FFmpeg prior to FFmpeg 2.8.4, which stems from a program that performs...

FFmpeg 'ff_get_buffer' Function Denial of Service Vulnerability

FFmpeg is a complete solution for recording, converting and streaming audio and video from the FFmpeg team. A security vulnerability exists in the 'ffgetbuffer' function in the libavcodec/utils.c file in versions of FFmpeg prior to 2.8.4, which originates from a failed program execution that does...

Out-of-bounds

The VideoFramePool::PoolImpl::CreateFrame function in media/base/videoframepool.cc in Google Chrome before 47.0.2526.73 does not initialize memory for a video-frame data structure, which might allow remote attackers to cause a denial of service out-of-bounds memory access or possibly have...

CVE-2015-8480

The CVE-2015-8480 entry relates to Google Chrome before 47.0.2526.73. The vulnerability arises because VideoFramePool::PoolImpl::CreateFrame does not initialize memory for a video-frame data structure, enabling remote attackers to trigger a denial of service via out-of-bounds memory access, poten...

FFmpeg 'smka_decode_frame' function denial of service vulnerability

FFmpeg is a complete solution for recording, converting and streaming audio and video. A security vulnerability exists in the smkadecodeframe function in the libavcodec / smacker.c file in FFmpeg versions prior to 2.6.5, 2.7.x versions prior to 2.7.3, and 2.8.x versions 2.8.2 and prior. An...

CVE-2015-8365

The smkadecodeframe function in libavcodec/smacker.c in FFmpeg before 2.6.5, 2.7.x before 2.7.3, and 2.8.x through 2.8.2 does not verify that the data size is consistent with the number of channels, which allows remote attackers to cause a denial of service out-of-bounds array access or possibly...

Out-of-bounds

The smkadecodeframe function in libavcodec/smacker.c in FFmpeg before 2.6.5, 2.7.x before 2.7.3, and 2.8.x through 2.8.2 does not verify that the data size is consistent with the number of channels, which allows remote attackers to cause a denial of service out-of-bounds array access or possibly...

CVE-2015-8365

CVE-2015-8365 affects FFmpeg libavcodec/smacker.c. The vulnerability arises when the data size is not checked against the number of channels, allowing an out-of-bounds access that can cause a remote denial of service (and possible other impact) via crafted Smacker data. Affected FFmpeg versions: ...

CVE-2015-8365

The smkadecodeframe function in libavcodec/smacker.c in FFmpeg before 2.6.5, 2.7.x before 2.7.3, and 2.8.x through 2.8.2 does not verify that the data size is consistent with the number of channels, which allows remote attackers to cause a denial of service out-of-bounds array access or possibly...

CVE-2015-8364

CVE-2015-8364 is a vulnerability in FFmpeg’s libavcodec/ivi.c (ff_ivi_init_planes) where an integer overflow can occur due to crafted Indeo Video Interactive dimensions. Affected FFmpeg branches include 2.6 before 2.6.5, 2.7.x before 2.7.3, and 2.8.x before 2.8.2. The issue enables remote attacke...