260 matches found
Libav Resource Management Error Vulnerability
Libav is Libav team's set of cross-platform audio and video can be recorded, converted solution, which includes a libavcodec encoder. A resource management error vulnerability exists in the 'mpc8readheader' function of the libavformat/mpc8.c file in Libav version 12.3, which can be exploited to...
UBUNTU-CVE-2019-14371
An issue was discovered in Libav 12.3. There is an infinite loop in the function movprobe in the file libavformat/mov.c, related to offset and tag...
CVE-2019-13390
In FFmpeg 4.1.3, there is a division by zero at adxwritetrailer in libavformat/rawenc.c...
CVE-2019-13390
In FFmpeg 4.1.3, there is a division by zero at adxwritetrailer in libavformat/rawenc.c...
Design/Logic Flaw
In FFmpeg 4.1.3, there is a division by zero at adxwritetrailer in libavformat/rawenc.c...
CVE-2019-13390
CVE-2019-13390 affects FFmpeg 4.1.3, where a division by zero occurs in adx_write_trailer (libavformat/rawenc.c). The connected advisories confirm this exact flaw (CVE-2019-13390) and tie it to FFmpeg’s raw muxer handling. Reported impact is exposure to denial of service or crash scenarios via cr...
CVE-2019-13390
In FFmpeg 4.1.3, there is a division by zero at adxwritetrailer in libavformat/rawenc.c...
CVE-2019-13390
In FFmpeg 4.1.3, there is a division by zero at adxwritetrailer in libavformat/rawenc.c...
PT-2019-5777 · FFmpeg +4 · Ffmpeg +4
Name of the Vulnerable Software and Affected Versions: FFmpeg version 4.1.3 Description: The issue is related to a division by zero error in the adx write trailer function of the libavformat library in the FFmpeg multimedia environment. This error can be exploited by a remote attacker to cause a...
CVE-2019-12730
aareadheader in libavformat/aadec.c in FFmpeg before 3.2.14 and 4.x before 4.1.4 does not check for sscanf failure and consequently allows use of uninitialized variables...
UBUNTU-CVE-2019-12730
aareadheader in libavformat/aadec.c in FFmpeg before 3.2.14 and 4.x before 4.1.4 does not check for sscanf failure and consequently allows use of uninitialized variables...
CVE-2019-12730
CVE-2019-12730 affects FFmpeg: aa_read_header in libavformat/aadec.c may use uninitialized variables because sscanf failure isn’t checked. Affected releases are FFmpeg before 3.2.14 and 4.x before 4.1.4. This is fixed in FFmpeg 3.2.14 and 4.1.4 (per multiple advisories and official commits). Reme...
CVE-2019-12730
aareadheader in libavformat/aadec.c in FFmpeg before 3.2.14 and 4.x before 4.1.4 does not check for sscanf failure and consequently allows use of uninitialized variables...
Debian DLA-1809-1 : libav security update
Two more security issues have been corrected in multiple demuxers and decoders of the libav multimedia library. CVE-2018-15822 The flvwritepacket function in libavformat/flvenc.c in libav did not check for an empty audio packet, leading to an assertion failure. CVE-2019-11338 libavcodec/hevcdec.c...
SUSE SLED15 / SLES15 Security Update : ffmpeg (SUSE-SU-2019:1299-1)
This update for ffmpeg fixes the following issues : Security issue fixed : CVE-2018-14395: Fixed a divide-by-zero error in libavformat/movenc.c that allowed attackers to cause a DoS bsc1101889 CVE-2018-14394: Fixed a divide-by-zero error in libavformat/movenc.c that allowed attackers to cause a D...
Updated live, ffmpeg, mplayer, and vlc packages fix security vulnerabilities
A bug in the server implementation of RTSP-over-HTTP in live could allow a denial-of-service attack. A bug in the server implementation of RTSP-over-HTTP could allow a buffer overflow, which could result in the execution of arbitrary code when parsing a malformed RTSP stream CVE-2018-4013. The...
Design/Logic Flaw
The flvwritepacket function in libavformat/flvenc.c in FFmpeg through 2.8 does not check for an empty audio packet, leading to an assertion failure...
CVE-2018-15822
The flvwritepacket function in libavformat/flvenc.c in FFmpeg through 2.8 does not check for an empty audio packet, leading to an assertion failure...
CVE-2018-15822
CVE-2018-15822 affects FFmpeg/libav through 2.8 where flv_write_packet in libavformat/flvenc.c does not check for an empty audio packet, triggering an assertion failure. Multiple connected advisories (Debian DLA-1809, DSA-4449; USN-3967-1; Cloud Foundry/Ubuntu advisories) reference this CVE along...
CVE-2018-15822
The flvwritepacket function in libavformat/flvenc.c in FFmpeg through 2.8 does not check for an empty audio packet, leading to an assertion failure...