Heap overflow

The kempfdecodetile function in libavcodec/g2meet.c in FFmpeg before 2.0.1 allows remote attackers to cause a denial of service out-of-bounds heap write via a G2M4 encoded file...

CVE-2013-0874

The 1 doubles2str and 2 shorts2str functions in libavcodec/tiff.c in FFmpeg before 1.1.3 allow remote attackers to have an unspecified impact via a crafted TIFF image, related to an out-of-bounds array access...

Design/Logic Flaw

The readheader function in libavcodec/shorten.c in FFmpeg before 1.1.3 allows remote attackers to have an unspecified impact via an invalid channel count, related to "freeing invalid addresses."...

Design/Logic Flaw

The advanceline function in libavcodec/targa.c in FFmpeg before 1.1.3 allows remote attackers to have an unspecified impact via crafted Targa image data, related to an out-of-bounds array access...

CVE-2013-0873

The readheader function in libavcodec/shorten.c in FFmpeg before 1.1.3 allows remote attackers to have an unspecified impact via an invalid channel count, related to "freeing invalid addresses."...

CVE-2013-0876

CVE-2013-0876 : FFmpeg is affected by multiple integer overflows in libavcodec/sanm.c (functions old_codec37 and old_codec47) that can be exploited by crafted LucasArts Smush data to trigger an out-of-bounds access. The issue affects FFmpeg releases before 1.1.3 and enables remote impact as descr...

CVE-2013-4264

The kempfdecodetile function in libavcodec/g2meet.c in FFmpeg before 2.0.1 allows remote attackers to cause a denial of service out-of-bounds heap write via a G2M4 encoded file...

CVE-2013-0877

The oldcodec37 function in libavcodec/sanm.c in FFmpeg before 1.1.3 allows remote attackers to have an unspecified impact via crafted LucasArts Smush data that has a large size when decoded, related to an out-of-bounds array access...

CVE-2013-0875

FFmpeg is affected by CVE-2013-0875 via the ff_add_png_paeth_prediction function in libavcodec/pngdec.c, vulnerable before version 1.1.3 due to an out-of-bounds array access when processing crafted PNG images. This affects FFmpeg’s PNG decoding path and could enable remote impact. Remediation per...

CVE-2013-0876

Multiple integer overflows in the 1 oldcodec37 and 2 oldcodec47 functions in libavcodec/sanm.c in FFmpeg before 1.1.3 allow remote attackers to have an unspecified impact via crafted LucasArts Smush data, which triggers an out-of-bounds array access...

CVE-2013-0877

The CVE-2013-0877 entry describes a vulnerability in FFmpeg prior to 1.1.3 where the old_codec37 function in libavcodec/sanm.c can be triggered by crafted LucasArts Smush data of large size, leading to an out-of-bounds array access and unspecified impact. Public-availability documents (Gentoo GLS...

CVE-2013-0874

FFmpeg contains a vulnerability (CVE-2013-0874) in libavcodec/tiff.c: the doubles2str and shorts2str helpers can be triggered by a crafted TIFF image, due to an out-of-bounds array access. Affected: FFmpeg versions before 1.1.3. Impact as described: remote attacker could cause unspecified effects...

CVE-2013-0873

The readheader function in libavcodec/shorten.c in FFmpeg before 1.1.3 allows remote attackers to have an unspecified impact via an invalid channel count, related to "freeing invalid addresses."...

CVE-2013-0874

The 1 doubles2str and 2 shorts2str functions in libavcodec/tiff.c in FFmpeg before 1.1.3 allow remote attackers to have an unspecified impact via a crafted TIFF image, related to an out-of-bounds array access...

FFmpeg 'libavcodec'越界内存访问漏洞(CVE-2013-4358)

BUGTRAQ ID: 62440 CVECAN ID: CVE-2013-4358 FFmpeg是一个免费的可以执行音讯和视讯多种格式的录影、转档、串流功能的软件。 FFmpeg 0.11.3的libavcodec H.264代码存在安全漏洞，攻击者可利用此漏洞在受影响用户上下文中执行任意代码，越界读写。 0 FFmpeg 0.11.3 厂商补丁： FFmpeg ------ 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载： http://ffmpeg.org/security.html...

Updated ffmpeg packages fix several security vulnerabilities

ffmpeg prior to 1.1.5 contains several security vulnerabilities CVE-2013-3671: The formatline function in log.c in libavutil uses inapplicable offset data during a certain category calculation, which allows remote attackers to cause a denial of service invalid pointer dereference and application...

CVE-2013-3673

The gifdecodeframe function in gifdec.c in libavcodec in FFmpeg before 1.2.1 does not properly manage the disposal methods of frames, which allows remote attackers to cause a denial of service out-of-bounds array access and application crash via crafted GIF data...

CVE-2013-3674

The cdgdecodeframe function in cdgraphics.c in libavcodec in FFmpeg before 1.2.1 does not validate the presence of non-header data in a buffer, which allows remote attackers to cause a denial of service out-of-bounds array access and application crash via crafted CD Graphics Video data...

CVE-2013-3670

The rleunpack function in vmdav.c in libavcodec in FFmpeg git 20130328 through 20130501 does not properly use the bytestream2 API, which allows remote attackers to cause a denial of service out-of-bounds array access and application crash via crafted RLE data. NOTE: the vendor has listed this as ...

DEBIAN-CVE-2013-3672

The mmdecodeinter function in mmvideo.c in libavcodec in FFmpeg before 1.2.1 does not validate the relationship between a horizontal coordinate and a width value, which allows remote attackers to cause a denial of service out-of-bounds array access and application crash via crafted American Laser...