CVE-2012-2799

FFmpeg before 0.11 contains an unspecified vulnerability in libavcodec/wmalosslessdec.c related to the behavior of the put bit buffer when num_saved_bits is reset. The impact and attack vectors are not clearly defined in the provided sources. The issue is documented across multiple feeds (NVD, Re...

CVE-2012-2782

CVE-2012-2782 is described in FFmpeg as an unspecified vulnerability in decode_slice_header (libavcodec/h264.c) for FFmpeg before 0.11, with unknown impact and attack vectors and related to a “rejected resolution change.” The connected sources confirm the affected component, and identify no expli...

CVE-2012-2790

Unspecified vulnerability in the readvarblockdata function in libavcodec/alsdec.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors, related to the "number of decoded samples in first sub-block in BGMC mode."...

CVE-2012-2804

Unspecified vulnerability in libavcodec/indeo3.c in FFmpeg before 0.11 and Libav 0.8.x before 0.8.5 has unknown impact and attack vectors, related to "reallocation code" and the luma height and width...

CVE-2012-2801

Unspecified vulnerability in libavcodec/avs.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors, related to dimensions and "out of array writes."...

CVE-2012-2787

Unspecified vulnerability in the decodeframe function in libavcodec/indeo4.c in FFmpeg before 0.11 and Libav 0.8.x before 0.8.4 has unknown impact and attack vectors, related to the "setup width/height."...

CVE-2012-2772

Unspecified vulnerability in the ffrv34decodeframe function in libavcodec/rv34.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors, related to "width/height changing with frame threading."...

CVE-2012-2783

Unspecified vulnerability in libavcodec/vp56.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.5, has unknown impact and attack vectors, related to "freeing the returned frame."...

CVE-2012-2791

Multiple unspecified vulnerabilities in the 1 decodebandhdr function in indeo4.c and 2 ffividecodeblocks function in ivicommon.c in libavcodec/ in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.5, have unknown impact and attack vectors, related to the "transform size."...

CVE-2012-0849

Integer overflow in the ffj2kdwtinit function in libavcodec/j2kdwt.c in FFmpeg before 0.9.1 allows remote attackers to cause a denial of service segmentation fault and application crash via a crafted JPEG2000 image that triggers an incorrect check for a negative value...

CVE-2012-0855

Heap-based buffer overflow in the getsot function in the J2K decoder j2k.c in libavcodec in FFmpeg before 0.9.1 allows remote attackers to cause a denial of service application crash via unspecified vectors related to the curtileno variable...

CVE-2012-0849

Integer overflow in the ffj2kdwtinit function in libavcodec/j2kdwt.c in FFmpeg before 0.9.1 allows remote attackers to cause a denial of service segmentation fault and application crash via a crafted JPEG2000 image that triggers an incorrect check for a negative value...

Heap overflow

Heap-based buffer overflow in the getsot function in the J2K decoder j2k.c in libavcodec in FFmpeg before 0.9.1 allows remote attackers to cause a denial of service application crash via unspecified vectors related to the curtileno variable...

CVE-2012-0855

The CVE-2012-0855 vulnerability affects FFmpeg’s libavcodec J2K decoder (get_sot in j2k.c). It is a heap-based buffer overflow that can be triggered remotely to cause an application crash (denial of service) and is associated with FFmpeg versions prior to 0.9.1. No exploitation vectors, specific ...

CVE-2012-0849

FFmpeg vulnerability CVE-2012-0849: Integer overflow in ff_j2k_dwt_init (libavcodec/j2k_dwt.c) present in FFmpeg before 0.9.1, enabling remote denial of service via a crafted JPEG2000 image that triggers an incorrect negative-value check. Documents confirm the affected component and root cause bu...

CVE-2012-0855

Heap-based buffer overflow in the getsot function in the J2K decoder j2k.c in libavcodec in FFmpeg before 0.9.1 allows remote attackers to cause a denial of service application crash via unspecified vectors related to the curtileno variable...

CVE-2012-0855

Heap-based buffer overflow in the getsot function in the J2K decoder j2k.c in libavcodec in FFmpeg before 0.9.1 allows remote attackers to cause a denial of service application crash via unspecified vectors related to the curtileno variable...

Buffer overflow

Buffer overflow in the Sierra VMD decoder in libavcodec in FFmpeg 0.5.x before 0.5.7, 0.6.x before 0.6.4, 0.7.x before 0.7.9 and 0.8.x before 0.8.8; and in Libav 0.5.x before 0.5.6, 0.6.x before 0.6.4, and 0.7.x before 0.7.3 allows remote attackers to cause a denial of service crash and possibly...

Integer overflow

Integer overflow in the vp3dequant function in the VP3 decoder vp3.c in libavcodec in FFmpeg 0.5.x before 0.5.7, 0.6.x before 0.6.4, 0.7.x before 0.7.9, and 0.8.x before 0.8.8; and in Libav 0.5.x before 0.5.6, 0.6.x before 0.6.4, and 0.7.x before 0.7.3 allows remote attackers to cause a denial of...

CVE-2011-4579

The CVE-2011-4579 entry concerns the SVQ1 decoder function svq1_decode_frame in FFmpeg/libavcodec (svq1dec.c). A crafted SVQ1 stream can trigger a memory corruption vulnerability that allows remote denial of service, with impact described as a crash via a stream whose dimensions change. Affected ...