1127 matches found
CVE-2013-7011
The CVE-2013-7011 issue affects FFmpeg’s read_header in libavcodec/ffv1dec.c, where global parameters can be changed by crafted FFV1 data, enabling a remote attacker to trigger a DoS via out-of-bounds access. Affected: FFmpeg builds prior to 2.1. Root cause: improper validation of global paramete...
CVE-2013-7014
Integer signedness error in the addbytesl2c function in libavcodec/pngdsp.c in FFmpeg before 2.1 allows remote attackers to cause a denial of service out-of-bounds array access or possibly have unspecified other impact via crafted PNG data...
CVE-2011-3944
The CVE-2011-3944 entry concerns FFmpeg's libavcodec/smacker.c: the smacker_decode_header_tree function in FFmpeg up to version before 0.10 can be triggered by crafted Smacker data, potentially causing unspecified impact on remote hosts. The available connected records confirm FFmpeg/libavcodec a...
CVE-2011-3950
The diracdecodedataunit function in libavcodec/diracdec.c in FFmpeg before 0.10 allows remote attackers to have an unspecified impact via a crafted value in the reference pictures number...
CVE-2013-0859
The adddoublesmetadata function in libavcodec/tiff.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via a negative or zero count value in a TIFF image, which triggers an out-of-bounds array access...
CVE-2013-0854
The mjpegdecodescanprogressiveac function in libavcodec/mjpegdec.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via crafted MJPEG data...
CVE-2013-0854
The mjpegdecodescanprogressiveac function in libavcodec/mjpegdec.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via crafted MJPEG data...
CVE-2013-0857
The decodeframeilbm function in libavcodec/iff.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via a crafted height value in IFF PBM/ILBM bitmap data...
CVE-2013-0845
libavcodec/alsdec.c in FFmpeg before 1.0.4 allows remote attackers to have an unspecified impact via a crafted block length, which triggers an out-of-bounds write...
CVE-2013-0846
Array index error in the qdm2decodesuperblock function in libavcodec/qdm2.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via crafted QDM2 data, which triggers an out-of-bounds array access...
DEBIAN-CVE-2013-0856
The lpcprediction function in libavcodec/alac.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via crafted Apple Lossless Audio Codec ALAC data, related to a large nbsamples value...
CVE-2013-0855
Integer overflow in the alacdecodeclose function in libavcodec/alac.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via a large number of samples per frame in Apple Lossless Audio Codec ALAC data, which triggers an out-of-bounds array access...
Code injection
The decodeframeilbm function in libavcodec/iff.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via a crafted height value in IFF PBM/ILBM bitmap data...
CVE-2013-0844
Off-by-one error in the adpcmdecodeframe function in libavcodec/adpcm.c in FFmpeg before 1.0.4 allows remote attackers to have an unspecified impact via crafted DK4 data, which triggers an out-of-bounds array access...
CVE-2013-0854
The mjpegdecodescanprogressiveac function in libavcodec/mjpegdec.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via crafted MJPEG data...
Out-of-bounds
The decodeinit function in libavcodec/huffyuv.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via a crafted width in huffyuv data with the predictor set to median and the colorspace set to YUV422P, which triggers an out-of-bounds array access...
Design/Logic Flaw
The roqdecodeinit function in libavcodec/roqvideodec.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via a crafted 1 width or 2 height dimension that is not a multiple of sixteen in id RoQ video data...
Integer overflow
Integer overflow in the alacdecodeclose function in libavcodec/alac.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via a large number of samples per frame in Apple Lossless Audio Codec ALAC data, which triggers an out-of-bounds array access...
CVE-2013-0852
The parsepicturesegment function in libavcodec/pgssubdec.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via crafted RLE data, which triggers an out-of-bounds array access...
CVE-2013-0857
The decodeframeilbm function in libavcodec/iff.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via a crafted height value in IFF PBM/ILBM bitmap data...