CVE-2013-2496

The msrledecode8162432 function in msrledec.c in libavcodec in FFmpeg through 1.1.3 does not properly determine certain end pointers, which allows remote attackers to cause a denial of service out-of-bounds array access and application crash or possibly have unspecified other impact via crafted...

CVE-2013-2276

The avcodecdecodeaudio4 function in utils.c in libavcodec in FFmpeg before 1.1.3 does not verify the decoding state before proceeding with certain skip operations, which allows remote attackers to cause a denial of service out-of-bounds array access and application crash or possibly have...

Out-of-bounds

The avcodecdecodeaudio4 function in utils.c in libavcodec in FFmpeg before 1.1.3 does not verify the decoding state before proceeding with certain skip operations, which allows remote attackers to cause a denial of service out-of-bounds array access and application crash or possibly have...

CVE-2013-2276

The avcodecdecodeaudio4 function in utils.c in libavcodec in FFmpeg before 1.1.3 does not verify the decoding state before proceeding with certain skip operations, which allows remote attackers to cause a denial of service out-of-bounds array access and application crash or possibly have...

CVE-2013-2276

The avcodecdecodeaudio4 function in utils.c in libavcodec in FFmpeg before 1.1.3 does not verify the decoding state before proceeding with certain skip operations, which allows remote attackers to cause a denial of service out-of-bounds array access and application crash or possibly have...

CVE-2013-2276

The CVE-2013-2276 entry concerns FFmpeg's libavcodec avcodec_decode_audio4 in utils.c, vulnerable before 1.1.3 where decoding state is not verified before certain skip operations. This can allow remote attackers to trigger an out-of-bounds access and a crash (DoS), via crafted audio data. Affecte...

CVE-2013-2277

The ffh264decodeseqparameterset function in h264ps.c in libavcodec in FFmpeg before 1.1.3 does not validate the relationship between luma depth and chroma depth, which allows remote attackers to cause a denial of service out-of-bounds array access and application crash or possibly have unspecifie...

CVE-2011-3937

CVE-2011-3937 concerns the H.263 decoder (libavcodec/h263dec.c) in FFmpeg and Libav, where the width/height could change when frame threads are used. Affected products/versions include FFmpeg 0.7.x before 0.7.12, 0.8.x before 0.8.11, and older Libav lines (0.5.x before 0.5.9, 0.6.x before 0.6.6, ...

Vulnerabilities in FFmpeg Libavcodec Could Allow Arbitrary Code Execution

Executive Summary Microsoft is providing notification of the discovery and remediation of three vulnerabilities in the FFmpeg codec library software version 0.10 and earlier versions. Microsoft discovered and disclosed the vulnerability under coordinated vulnerability disclosure to the affected...

CVE-2012-2803

Double free vulnerability in the mpegdecodeframe function in libavcodec/mpeg12.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.5, has unknown impact and attack vectors, related to resetting the data size value...

CVE-2012-2804

Unspecified vulnerability in libavcodec/indeo3.c in FFmpeg before 0.11 and Libav 0.8.x before 0.8.5 has unknown impact and attack vectors, related to "reallocation code" and the luma height and width...

CVE-2012-2801

Unspecified vulnerability in libavcodec/avs.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors, related to dimensions and "out of array writes."...

DEBIAN-CVE-2012-2803

Double free vulnerability in the mpegdecodeframe function in libavcodec/mpeg12.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.5, has unknown impact and attack vectors, related to resetting the data size value...

CVE-2012-2798

Unspecified vulnerability in the decodedds1 function in libavcodec/dfa.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors, related to an "out of array write."...

CVE-2012-2799

Unspecified vulnerability in libavcodec/wmalosslessdec.c in FFmpeg before 0.11 has unknown impact and attack vectors, related to the "put bit buffer when numsavedbits is reset."...

CVE-2012-2792

Unspecified vulnerability in the decodeinit function in libavcodec/wmalosslessdec.c in FFmpeg before 0.11 has unknown impact and attack vectors, related to the samples per frame...

CVE-2012-2783

Unspecified vulnerability in libavcodec/vp56.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.5, has unknown impact and attack vectors, related to "freeing the returned frame."...

CVE-2012-2794

Unspecified vulnerability in the decodembinfo function in libavcodec/indeo5.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors in which the "allocated tile size ... mismatches parameters."...

CVE-2012-2785

Multiple unspecified vulnerabilities in libavcodec/wmalosslessdec.c in FFmpeg before 0.11 have unknown impact and attack vectors, related to 1 "some subframes only encode some channels" or 2 a large order value...

CVE-2012-2787

Unspecified vulnerability in the decodeframe function in libavcodec/indeo4.c in FFmpeg before 0.11 and Libav 0.8.x before 0.8.4 has unknown impact and attack vectors, related to the "setup width/height."...