Out-of-bounds

libavcodec/gifdec.c in FFmpeg before 2.4.2 does not properly compute image heights, which allows remote attackers to cause a denial of service out-of-bounds access or possibly have unspecified other impact via crafted GIF data...

CVE-2014-8545

libavcodec/pngdec.c in FFmpeg before 2.4.2 accepts the monochrome-black format without verifying that the bits-per-pixel value is 1, which allows remote attackers to cause a denial of service out-of-bounds access or possibly have unspecified other impact via crafted PNG data...

CVE-2014-8542

CVE-2014-8542 affects FFmpeg’s libavcodec/utils.c, where a codec ID was omitted during alignment enforcement, enabling a remote attacker to trigger a denial of service via crafted JV data (out-of-bounds access) and potentially other impacts. The initial description specifies FFmpeg prior to 2.4.2...

CVE-2014-8545

CVE-2014-8545 concerns FFmpeg’s libavcodec/pngdec.c, where the code path accepts the monochrome-black format without validating that bits-per-pixel equals 1. This can trigger an out-of-bounds access in crafted PNG data, leading to a potential denial of service (and possibly other impact) as descr...

CVE-2014-8542

libavcodec/utils.c in FFmpeg before 2.4.2 omits a certain codec ID during enforcement of alignment, which allows remote attackers to cause a denial of service out-of-bounds access or possibly have unspecified other impact via crafted JV data...

CVE-2014-8543

libavcodec/mmvideo.c in FFmpeg before 2.4.2 does not consider all lines of HHV Intra blocks during validation of image height, which allows remote attackers to cause a denial of service out-of-bounds access or possibly have unspecified other impact via crafted MM video data...

CVE-2014-8547

CVE-2014-8547 is documented in FFmpeg advisories as a vulnerability in libavcodec/gifdec.c where FFmpeg before 2.0.6/2.4.2 miscomputes image heights for GIF data, allowing remote attackers to trigger out-of-bounds access and potential DoS (and possibly other impact) via crafted GIFs. The connecte...

CVE-2014-8545

libavcodec/pngdec.c in FFmpeg before 2.4.2 accepts the monochrome-black format without verifying that the bits-per-pixel value is 1, which allows remote attackers to cause a denial of service out-of-bounds access or possibly have unspecified other impact via crafted PNG data...

CVE-2014-8549

libavcodec/on2avc.c in FFmpeg before 2.4.2 does not constrain the number of channels to at most 2, which allows remote attackers to cause a denial of service out-of-bounds access or possibly have unspecified other impact via crafted On2 data...

CVE-2014-8546

CVE-2014-8546 : FFmpeg contains an integer underflow in libavcodec/cinepak.c (pre-2.4.2) that can be exploited by remote attackers via crafted Cinepak data to cause a denial of service (out-of-bounds access). Affected product is FFmpeg prior to 2.4.2; remediation is to upgrade to FFmpeg 2.4.2 or ...

CVE-2014-8544

libavcodec/tiff.c in FFmpeg before 2.4.2 does not properly validate bits-per-pixel fields, which allows remote attackers to cause a denial of service out-of-bounds access or possibly have unspecified other impact via crafted TIFF data...

CVE-2014-8542

libavcodec/utils.c in FFmpeg before 2.4.2 omits a certain codec ID during enforcement of alignment, which allows remote attackers to cause a denial of service out-of-bounds access or possibly have unspecified other impact via crafted JV data...

CVE-2014-8545

libavcodec/pngdec.c in FFmpeg before 2.4.2 accepts the monochrome-black format without verifying that the bits-per-pixel value is 1, which allows remote attackers to cause a denial of service out-of-bounds access or possibly have unspecified other impact via crafted PNG data...

CVE-2014-8544

CVE-2014-8544 affects FFmpeg (libavcodec/tiff.c) where bits-per-pixel fields are not properly validated. This can enable a remote attacker to trigger a denial of service via crafted TIFF data (out-of-bounds access). The description specifies FFmpeg before 2.4.2 as vulnerable. The provided documen...

CVE-2014-8542

libavcodec/utils.c in FFmpeg before 2.4.2 omits a certain codec ID during enforcement of alignment, which allows remote attackers to cause a denial of service out-of-bounds access or possibly have unspecified other impact via crafted JV data...

CVE-2014-8541

libavcodec/mjpegdec.c in FFmpeg before 2.4.2 considers only dimension differences, and not bits-per-pixel differences, when determining whether an image size has changed, which allows remote attackers to cause a denial of service out-of-bounds access or possibly have unspecified other impact via...

CVE-2014-8548

Off-by-one error in libavcodec/smc.c in FFmpeg before 2.4.2 allows remote attackers to cause a denial of service out-of-bounds access or possibly have unspecified other impact via crafted Quicktime Graphics aka SMC video data...

CVE-2014-5272

libavcodec/iff.c in FFMpeg before 1.1.14, 1.2.x before 1.2.8, 2.2.x before 2.2.7, and 2.3.x before 2.3.2 allows remote attackers to have unspecified impact via a crafted iff image, which triggers an out-of-bounds array access, related to the rgb8 and rgbn formats...

CVE-2014-5271

Heap-based buffer overflow in the encodeslice function in libavcodec/proresenckostya.c in FFMpeg before 1.1.14, 1.2.x before 1.2.8, 2.x before 2.2.7, and 2.3.x before 2.3.3 and Libav before 10.5 allows remote attackers to cause a denial of service crash or possibly execute arbitrary code via...

Heap overflow

Heap-based buffer overflow in the encodeslice function in libavcodec/proresenckostya.c in FFMpeg before 1.1.14, 1.2.x before 1.2.8, 2.x before 2.2.7, and 2.3.x before 2.3.3 and Libav before 10.5 allows remote attackers to cause a denial of service crash or possibly execute arbitrary code via...