1127 matches found
FFmpeg 'libavcodec/dnxhddec.c' Denial of Service Vulnerability
FFmpeg is a free program that performs recording, transferring and streaming of audio and video in various formats. A security vulnerability in the processing of DNxHD files by the FFmpeg libavcodec/dnxhddec.c/dnxhddecodeheader function allows an attacker to exploit the vulnerability by submittin...
ALPINE-CVE-2017-11719
The dnxhddecodeheader function in libavcodec/dnxhddec.c in FFmpeg 3.0 through 3.3.2 allows remote attackers to cause a denial of service out-of-array access or possibly have unspecified other impact via a crafted DNxHD file...
Design/Logic Flaw
The dnxhddecodeheader function in libavcodec/dnxhddec.c in FFmpeg 3.0 through 3.3.2 allows remote attackers to cause a denial of service out-of-array access or possibly have unspecified other impact via a crafted DNxHD file...
Libav Denial of Service Vulnerability (CNVD-2017-26313)
Libav formerly FFmpeg is Libav team's set of cross-platform audio and video can be recorded, converted to a solution, which includes a libavcodec encoder. A security vulnerability exists in the 'buildtable' function of the libavcodec/bitstream.c file in Libav version 12.1. A remote attacker can...
ALPINE-CVE-2017-11399
Integer overflow in the apedecodeframe function in libavcodec/apedec.c in FFmpeg 2.4 through 3.3.2 allows remote attackers to cause a denial of service out-of-array access and application crash or possibly have unspecified other impact via a crafted APE file...
CVE-2017-11399
Integer overflow in the apedecodeframe function in libavcodec/apedec.c in FFmpeg 2.4 through 3.3.2 allows remote attackers to cause a denial of service out-of-array access and application crash or possibly have unspecified other impact via a crafted APE file...
CVE-2017-11399
Integer overflow in the apedecodeframe function in libavcodec/apedec.c in FFmpeg 2.4 through 3.3.2 allows remote attackers to cause a denial of service out-of-array access and application crash or possibly have unspecified other impact via a crafted APE file...
CVE-2017-11399
CVE-2017-11399 : FFmpeg (versions 2.4–3.3.2) is affected by an integer overflow in the ape_decode_frame function of libavcodec/apedec.c, which can be triggered by a crafted APE file to cause a denial of service (out-of-bounds access and crash) or potentially other impact. The connected advisories...
CVE-2017-11399
Integer overflow in the apedecodeframe function in libavcodec/apedec.c in FFmpeg 2.4 through 3.3.2 allows remote attackers to cause a denial of service out-of-array access and application crash or possibly have unspecified other impact via a crafted APE file...
Heap overflow
Heap-based buffer overflow in the xwddecodeframe function in libavcodec/xwddec.c in FFmpeg before 2.8.12, 3.0.x before 3.0.8, 3.1.x before 3.1.8, 3.2.x before 3.2.5, and 3.3.x before 3.3.1 allows remote attackers to cause a denial of service application crash or possibly have unspecified other...
ALPINE-CVE-2017-9992
Heap-based buffer overflow in the decodedds1 function in libavcodec/dfa.c in FFmpeg before 2.8.12, 3.0.x before 3.0.8, 3.1.x before 3.1.8, 3.2.x before 3.2.5, and 3.3.x before 3.3.1 allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact vi...
Heap overflow
libavcodec/scpr.c in FFmpeg 3.3 before 3.3.1 does not properly validate height and width data, which allows remote attackers to cause a denial of service heap-based buffer overflow and application crash or possibly have unspecified other impact via a crafted file...
ALPINE-CVE-2017-9996
The cdxldecodeframe function in libavcodec/cdxl.c in FFmpeg 2.8.x before 2.8.12, 3.0.x before 3.0.8, 3.1.x before 3.1.8, 3.2.x before 3.2.5, and 3.3.x before 3.3.1 does not exclude the CHUNKY format, which allows remote attackers to cause a denial of service heap-based buffer overflow and...
CVE-2017-9992
Heap-based buffer overflow in the decodedds1 function in libavcodec/dfa.c in FFmpeg before 2.8.12, 3.0.x before 3.0.8, 3.1.x before 3.1.8, 3.2.x before 3.2.5, and 3.3.x before 3.3.1 allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact vi...
CVE-2017-9990
Stack-based buffer overflow in the colorstringtorgba function in libavcodec/xpmdec.c in FFmpeg 3.3 before 3.3.1 allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted file...
CVE-2017-9991
Heap-based buffer overflow in the xwddecodeframe function in libavcodec/xwddec.c in FFmpeg before 2.8.12, 3.0.x before 3.0.8, 3.1.x before 3.1.8, 3.2.x before 3.2.5, and 3.3.x before 3.3.1 allows remote attackers to cause a denial of service application crash or possibly have unspecified other...
UBUNTU-CVE-2017-9992
Heap-based buffer overflow in the decodedds1 function in libavcodec/dfa.c in FFmpeg before 2.8.12, 3.0.x before 3.0.8, 3.1.x before 3.1.8, 3.2.x before 3.2.5, and 3.3.x before 3.3.1 allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact vi...
Heap overflow
libavcodec/webp.c in FFmpeg before 2.8.12, 3.0.x before 3.0.8, 3.1.x before 3.1.8, 3.2.x before 3.2.5, and 3.3.x before 3.3.1 does not ensure that pixfmt is set, which allows remote attackers to cause a denial of service heap-based buffer overflow and application crash or possibly have unspecifie...
CVE-2017-9990
Stack-based buffer overflow in the colorstringtorgba function in libavcodec/xpmdec.c in FFmpeg 3.3 before 3.3.1 allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted file...
UBUNTU-CVE-2017-9994
libavcodec/webp.c in FFmpeg before 2.8.12, 3.0.x before 3.0.8, 3.1.x before 3.1.8, 3.2.x before 3.2.5, and 3.3.x before 3.3.1 does not ensure that pixfmt is set, which allows remote attackers to cause a denial of service heap-based buffer overflow and application crash or possibly have unspecifie...